Set ‘exec-timeout’ to less than or equal to 10 minutes ‘line console 0’

Details

If no input is detected during the interval, the EXEC facility resumes the current connection. If no connections exist, the EXEC facility returns the terminal to the idle state and disconnects the incoming session.

Solution

Configure device timeout (10 minutes or less) to disconnect sessions after a fixed idle time.
hostname(config)#line con 0
hostname(config-line)#exec-timeout

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/508

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Cisco.

References

800-53|AC-12

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles