[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-3139-3

Platform: cpe:/o:microsoft:windows_xpDate: (C)2012-03-13   (M)2023-07-04



This policy setting, which determines whether to disconnect users who are connected to the local computer outside their user account's valid logon hours, affects the SMB component. If you enable this policy setting, client sessions with the SMB server will be disconnected when the client's logon hours expire. If you disable this policy setting, established client sessions will be maintained after the client's logon hours expire. Countermeasure: If you disable this policy setting, a user could remain connected to the computer outside of their allotted logon hours. This security setting behaves as an account policy. For domain accounts, there can be only one account policy. The account policy must be defined in the Default Domain Policy, and it is enforced by the domain controllers that make up the domain. A domain controller always pulls the account policy from the Default Domain Policy Group Policy object (GPO), even if there is a different account policy applied to the organizational unit that contains the domain controller. By default, workstations and servers that are joined to a domain (for example, member computers) also receive the same account policy for their local accounts. However, local account policies for member computers can be different from the domain account policy by defining an account policy for the organizational unit that contains the member computers. Kerberos settings are not applied to member computers. Potential Impact: When a user's logon time expires, SMB sessions will terminate. The user will be unable to log on to the computer until their next scheduled access time commences.


Parameter:

[enabled/disabled]


Technical Mechanism:

(1) GPO: Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options\\Network security: Force logoff when logon hours expire (2) REG: ### (3) WMI: ###

CCSS Severity:CCSS Metrics:
CCSS Score : 4.3Attack Vector: NETWORK
Exploit Score: 2.8Attack Complexity: LOW
Impact Score: 1.4Privileges Required: LOW
Severity: MEDIUMUser Interaction: NONE
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LScope: UNCHANGED
 Confidentiality: NONE
 Integrity: NONE
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:gov.nist.usgcb.xp:def:244
HIPAA/HITECH ActHIPAA/HITECH Act
Jericho ForumJericho Forum
BITS Shared Assessments SIG v6.0BITS Shared Assessments SIG v6.0
FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--
ISO/IEC 27001-2005ISO/IEC 27001-2005
COBIT 4.1COBIT 4.1
GAPP (Aug 2009)GAPP (Aug 2009)
NERC CIPNERC CIP
NIST SP800-53 R3NIST SP800-53 R3 AC-3
NIST SP800-53 R3NIST SP800-53 R3 CM-6
NIST SP800-53 R3NIST SP800-53 R3 CM-7
NIST SP800-53 R3NIST SP800-53 R3 SC-5
PCIDSS v2.0PCIDSS v2.0
FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--
BITS Shared Assessments AUP v5.0BITS Shared Assessments AUP v5.0


OVAL    1
oval:gov.nist.usgcb.xp:def:244
XCCDF    4
xccdf_gov.nist_benchmark_USGCB-Windows-XP
xccdf_org.secpod_benchmark_hipaa_windows_xp
xccdf_org.secpod_benchmark_nist_windows_xp
xccdf_org.secpod_benchmark_nerc_cip_Windows_XP
...

© SecPod Technologies