Check: 4.004
Windows XP STIG:
4.004
(in versions v6 r1.32 through v1 r0)
Title
Lockout duration does not meet minimum requirements. (Cat II impact)
Discussion
This parameter specifies the amount of time that must pass before a locked-out account is automatically unlocked by the system.
Check Content
Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Account Policies -> Account Lockout Policy. If the “Account lockout duration” is not set to "0", requiring and administrator to unlock the account, then this is a finding.
Fix Text
Configure the system so that the bad logon lockout duration conforms to DoD requirements.
Additional Identifiers
Rule ID: SV-29640r1_rule
Vulnerability ID: V-1099
Group Title: Lockout Duration
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |