Details

The default TMOUT determines the shell timeout for users. The TMOUT value is measured in seconds.

Solution

Edit the etc/profile files (and the appropriate files for any other shell supported on your system) and add or edit any umask parameters as follows:
TMOUT=600

Notes: The audit and remediation in this recommendation apply to bash and shell. If other shells are supported on the system, it is recommended that their configuration files also are checked. Other methods of setting a timeout exist for other shells not covered here.

Supportive Information

The following resource is also helpful.

• https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-12
• CSCv6|13

Source

• Tenable.com/audits