STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to VMware vRealize Automation 7.x SLES Security Technical Implementation Guide

V-240549

CAT II (Medium)

The SLES for vRealize must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.

Rule ID

SV-240549r671388_rule

STIG

VMware vRealize Automation 7.x SLES Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000366

Discussion

Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.

Check Content

Verify the SLES for vRealize enforces a delay of at least "4" seconds between logon prompts following a failed logon attempt.

Verify the use of the "pam_faildelay" module.

# grep pam_faildelay /etc/pam.d/common-auth*

The typical configuration looks something like this:

#delay is in micro seconds
auth    required    pam_faildelay.so    delay=4000000

If the line is not present, this is a finding.

Fix Text

Configure the SLES for vRealize to enforce a delay of at least "4" seconds between logon prompts following a failed logon attempt with the following command:

# sed -i "/^[^#]*pam_faildelay.so/ c\auth required pam_faildelay.so delay=4000000" /etc/pam.d/common-auth-vmware.local