STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to IBM Hardware Management Console (HMC) Security Technical Implementation Guide

V-256883

CAT II (Medium)

The terminal or workstation must lock out after a maximum of 15 minutes of inactivity, requiring the account password to resume.

Rule ID

SV-256883r958402_rule

STIG

IBM Hardware Management Console (HMC) Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-000057

Discussion

If the system, workstation, or terminal does not lock the session after more than15 minutes of inactivity, requiring a password to resume operations, the system or individual data could be compromised by an alert intruder who could exploit the oversight.

Check Content

Have the System Administrator display the User Properties window on the Hardware Management Console and check that the timeout minutes are set to a maximum of 15.

If the Verify Timeout minutes are set to more than 15, then this is a FINDING.

Fix Text

The System Administrator will display the User Properties window and will ensure that the Verify timeout minutes are set to a maximum of 15.