| 4.1.9 Ensure login and logout events are collected - auditctl faillog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl faillog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl lastlog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl lastlog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl tallylog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - auditctl tallylog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - faillog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - faillog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - lastlog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - tallylog | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure login and logout events are collected - tallylog | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl btmp | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl btmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl utmp | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl utmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl wtmp | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - auditctl wtmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - btmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - utmp | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - utmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - wtmp | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure session initiation information is collected - wtmp | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AOSX-13-000005 - The macOS system must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-bl-corner | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-br-corner | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-tl-corner | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-tr-corner | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-14-000006 - The macOS system must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-14-000007 - The macOS system must be configured to disable hot corners - bottom left | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-14-000007 - The macOS system must be configured to disable hot corners - bottom right | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-14-000007 - The macOS system must be configured to disable hot corners - top left | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-14-000007 - The macOS system must be configured to disable hot corners - top right | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-15-000006 - The macOS system must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| AOSX-15-000007 - The macOS system must be configured to disable hot corners - bottom left | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| AOSX-15-000007 - The macOS system must be configured to disable hot corners - bottom right | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| AOSX-15-000007 - The macOS system must be configured to disable hot corners - top left | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| AOSX-15-000007 - The macOS system must be configured to disable hot corners - top right | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| OL6-00-000260 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL08-00-020031 - OL 8 must initiate a session lock for graphical user interfaces when the screensaver is activated. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL |
| OL08-00-020060 - OL 8 must automatically lock graphical user sessions after 15 minutes of inactivity. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL |
| OL08-00-020070 - OL 8 must automatically lock command line user sessions after 15 minutes of inactivity. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL |
| OL08-00-020080 - OL 8 must prevent a user from overriding the session lock-delay setting for the graphical user interface. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL |
| OL08-00-020081 - OL 8 must prevent a user from overriding the session idle-delay setting for the graphical user interface. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL |
| OL08-00-020082 - OL 8 must prevent a user from overriding the session lock-enabled setting for the graphical user interface. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000260 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-09-271065 - RHEL 9 must automatically lock graphical user sessions after 15 minutes of inactivity. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-09-271070 - RHEL 9 must prevent a user from overriding the session idle-delay setting for the graphical user interface. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-12-010100 - The SUSE operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image in the graphical user interface. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL |
| SOL-11.1-040470 - The operating system session lock mechanism, when activated on a device with a display screen, must place a publicly viewable pattern onto the associated display, hiding what was previously visible on the screen. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL |
| WN12-UC-000001 - A screen saver must be enabled on the system. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
