STIGQter STIGQter: STIG Summary: Apple OS X 10.13 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020: The macOS system must initiate a session lock after a 15-minute period of inactivity.

DISA Rule

SV-96183r1_rule

Vulnerability Number

V-81469

Group Title

SRG-OS-000029-GPOS-00010

Rule Version

AOSX-13-000010

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

This setting is enforced using the "Login Window Policy" configuration profile.

Check Contents

To check if the system has a configuration profile configured to enable the screen saver after a time-out period, run the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep loginWindowIdleTime

The check should return a value of "900" or less for "loginWindowIdleTime".

If it does not, this is a finding.

Vulnerability Number

V-81469

Documentable

False

Rule Version

AOSX-13-000010

Severity Override Guidance

To check if the system has a configuration profile configured to enable the screen saver after a time-out period, run the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep loginWindowIdleTime

The check should return a value of "900" or less for "loginWindowIdleTime".

If it does not, this is a finding.

Check Content Reference

M

Target Key

3329

Comments