From Network Device Management Security Requirements Guide
Part of SRG-APP-000004-NDM-000203
Associated with: CCI-000058
A session lock is a temporary network device or administrator-initiated action taken when the administrator stops work but does not log out of the network device. Rather than being forced to wait for a period of time to expire before the management session can be locked, network management consoles need to provide administrators with the ability to manually invoke a session lock so they may secure their management session should the need arise for them to temporarily vacate the immediate physical vicinity of the management workstation. Once invoked, the session lock shall remain in place until the administrator re-authenticates. No other system activity aside from re-authentication shall unlock the management session.
Directly observe the management application or the console; if an administrator cannot directly initiate a session lock from either the management application or the console, this is a finding.
This is an intrinsic capability of the client application or the console. Many terminal emulation clients implement this capability through software flow control or XOFF/XON flow control.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer