Navigate

CCI-000056

CCI-000056 Definition

Retain the device lock until the user reestablishes access using established identification and authentication procedures.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if device lock is retained until the user re-establishes access using established identification and authentication procedures.

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing session lock; procedures addressing identification and authentication; system design documentation; system configuration settings and associated documentation; security plan; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing access control policy for session lock].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000056.

Control	Description
AC-11	a: Prevent further access to the system by [one or more of "initiating a device lock after {{ insert: param, ac-11_odp.02 }} of inactivity"/"requiring the user to initiate a device lock before leaving the system unattended"] ; and b: Retain the device lock until the user reestablishes access using established identification and authentication procedures.