Check: GEN000510
VMware ESX 3 Server:
GEN000510
(in version v1 r2)
Title
The system must display a publicly-viewable pattern during a graphical desktop environment session lock. (Cat III impact)
Discussion
To protect the on-screen content of a session, it must be replaced with a publicly-viewable pattern upon session lock. Examples of publicly viewable patterns include screen saver patterns, photographic images, solid colors, or a blank screen, so long as none of those patterns convey sensitive information. This requirement applies to graphical desktop environments provided by the system to locally attached displays and input devices, as well as, to graphical desktop environments provided to remote systems using remote access protocols.
Check Content
Determine if a publicly-viewable pattern is displayed during a session lock. If the session lock pattern is not publicly-viewable, this is a finding.
Fix Text
Configure the system to display a publicly-viewable pattern during a session lock.
Additional Identifiers
Rule ID: SV-25948r1_rule
Vulnerability ID: V-22301
Group Title: GEN000510
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000061 |
The organization identifies and defines organization-defined user actions that can be performed on the information system without identification or authentication consistent with organizational missions/business functions. |
Controls
Number | Title |
---|---|
AC-14 |
Permitted Actions Without Identification Or Authentication |