800-53|AC-7

Title

UNSUCCESSFUL LOGON ATTEMPTS

Description

The information system:

Supplemental

This control applies regardless of whether the logon occurs via a local or network connection. Due to the potential for denial of service, automatic lockouts initiated by information systems are usually temporary and automatically release after a predetermined time period established by organizations. If a delay algorithm is selected, organizations may choose to employ different algorithms for different information system components based on the capabilities of those components. Responses to unsuccessful logon attempts may be implemented at both the operating system and the application levels.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: AC-14,AC-2,AC-9,IA-5

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Priority: P2

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.5 - AirWatch - Enable Erase Data	MDM	AirWatch - CIS Apple iOS 8 v1.0.0 L2
1.1.5 - AirWatch - Enable Erase Data	MDM	AirWatch - CIS Apple iOS 9 v1.0.0 L2
1.1.5 - MobileIron - Enable Erase Data	MDM	MobileIron - CIS Apple iOS 9 v1.0.0 L2
1.1.5 - MobileIron - Enable Erase Data	MDM	MobileIron - CIS Apple iOS 8 v1.0.0 L2
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 MS L1 v3.0.0
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 R2 DC L1 v3.0.0
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 DC L1 v3.0.0
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 R2 MS L1 v3.0.0
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MS
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 11 Enterprise v3.0.0 L1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC
1.2.1 Ensure 'Account lockout duration' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	Windows	CIS Windows Server 2012 DC L1 v3.0.0
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	Windows	CIS Windows Server 2012 R2 DC L1 v3.0.0
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	Windows	CIS Microsoft Windows 10 Enterprise v3.0.0 L1
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	Windows	CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MS
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	Windows	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS

Detections

Analytics