An error occurred:

Check: 3.074

Windows Vista STIG: 3.074 (in versions v6 r42 through v6 r41)

Title

The system is not configured to force users to log off when their allowed logon hours expire. (Cat II impact)

Discussion

This setting controls whether or not users are forced to log off when their allowed logon hours expire. If logon hours are set for users, then this should be enforced.

Check Content

Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Local Policies -> Security Options. If the value for “Network security: Force logoff when logon hours expire” is not set to “Enabled”, then this is a finding.

Fix Text

Configure the system to log off users when their allowed logon hours expire.

Additional Identifiers

Rule ID: SV-29528r1_rule

Vulnerability ID: V-3380

Group Title: Force Logoff When Logon Hours Expire

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001133

The information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-10

Network Disconnect