Title

Idle connections DO NOT disconnect in 15 min. (Cat II impact)

Discussion

Requirement: The IAO will ensure that a timeout feature, set to 15 minutes, is used to disconnect idle connections. Unattended systems are susceptible to unauthorized use. The system should be locked when unattended. The user idle timeout should be set to a maximum of 15 minutes. This setting protects critical and sensitive system areas from exposure to unauthorized personnel with physical access to an unattended administration/maintenance terminal.

Check Content

Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices.

Fix Text

The system administrator will ensure that the timeout for unattended user administration/maintenance ports is set for no longer than 15 minutes, if technically feasible.

Additional Identifiers

Rule ID: SV-8483r1_rule

Vulnerability ID: V-7997

Group Title: Idle connections DO NOT disconnect in 15 min.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.