Check: 5.102
Win2k8 R2 Audit:
5.102
(in version v1 r8)
Title
The system will be configured to have password protection take effect within a limited time frame when the screen saver becomes active. (Cat III impact)
Discussion
Allowing more than several seconds for password protection to take effect when a screen saver becomes active makes the computer vulnerable to a potential attack from someone walking up to the console to attempt to access the system.
Check Content
Fix Text
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)” to “5” or less.
Additional Identifiers
Rule ID: SV-32360r1_rule
Vulnerability ID: V-4442
Group Title: Screen Saver Grace Period
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |