AOSX-15-000002 – The macOS system must retain the session lock until the user reestablishes access using established identification and authentication procedures.

Details

Users must be prompted to enter their passwords when unlocking the screen saver. The screen saver acts as a session lock and prevents unauthorized users from accessing the current user’s account.

Solution

This setting is enforced using the ‘Login Window Policy’ configuration profile.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_OS_X_10-15_V1R7_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-11b.
CAT|II
CCI|CCI-000056
Rule-ID|SV-225119r610901_rule
STIG-ID|AOSX-15-000002
STIG-Legacy|SV-111615
STIG-Legacy|V-102653
Vuln-ID|V-225119

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles