STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Network Device Management Security Requirements Guide

V-202085

CAT II (Medium)

The network device must be configured to provide a logout mechanism for administrator-initiated communication sessions.

Rule ID

SV-202085r961224_rule

STIG

Network Device Management Security Requirements Guide

Version

V5R4

CCIs

CCI-002363

Discussion

If an administrator cannot explicitly end a device management session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session.

Check Content

Review the network device configuration to determine if it is configured to enable a logout for administrator-initiated communication sessions.

If the network device is not configured to provide a logout mechanism for these sessions, this is a finding.

Fix Text

Configure the network device to provide a logout capability for administrator-initiated communication sessions.