STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must automatically terminate a user session after an organization-defined period of user inactivity.

DISA Rule

SV-234442r617355_rule

Vulnerability Number

V-234442

Group Title

SRG-APP-000295

Rule Version

SRG-APP-000295-UEM-000169

Severity

CAT II

CCI(s)

• CCI-002361 - The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect.

Weight

10

Fix Recommendation

Configure the UEM server to automatically terminate a user session after an organization-defined period of user inactivity.

Check Contents

Verify the UEM server automatically terminates a user session after an organization-defined period of user inactivity.

If the UEM server does not automatically terminate a user session after an organization-defined period of user inactivity, this is a finding.

Vulnerability Number

V-234442

Documentable

False

Rule Version

SRG-APP-000295-UEM-000169

Severity Override Guidance

Verify the UEM server automatically terminates a user session after an organization-defined period of user inactivity.

If the UEM server does not automatically terminate a user session after an organization-defined period of user inactivity, this is a finding.

Check Content Reference

M

Target Key

5269

Comments