CCI|CCI-000054

Title

Limit the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.5.5 Ensure number of concurrent sessions is limitedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-001004 - AIX must limit the number of concurrent sessions to 10 for all accounts and/or account types.UnixDISA STIG AIX 7.x v3r1
AOSX-14-000050 - The macOS system must limit the number of concurrent SSH sessions to 10 for all accounts and/or account types.UnixDISA STIG Apple Mac OSX 10.14 v2r6
ARST-ND-000010 - The Arista network device must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.AristaDISA STIG Arista MLS EOS 4.2x NDM v2r1
AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - KeepAliveUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - MaxKeepAliveRequestsUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.UnixDISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U1-000020 - The Apache web server must perform server-side session management - httpdUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000020 - The Apache web server must perform server-side session management - session_moduleUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000020 - The Apache web server must perform server-side session management - usertrack_moduleUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000020 - The Apache web server must perform server-side session management.UnixDISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U2-000020 - The Apache web server must perform server-side session management.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000020 - The Apache web server must perform server-side session management.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.WindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.WindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000020 - The Apache web server must perform server-side session management - session_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000020 - The Apache web server must perform server-side session management - session_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000020 - The Apache web server must perform server-side session management - usertrack_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000020 - The Apache web server must perform server-side session management - usertrack_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W2-000010 - The Apache web server must limit the number of allowed simultaneous session requests.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000020 - The Apache web server must perform server-side session management.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Limit Concurrent GUI Sessions to 10 for all AccountsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Limit Concurrent GUI Sessions to 10 for all AccountsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Limit Concurrent GUI Sessions to 10 for all AccountsUnixNIST macOS Big Sur v1.4.0 - All Profiles
BIND-9X-001050 - The BIND 9.x secondary name server must limit the number of zones requested from a single master name server.UnixDISA BIND 9.x STIG v2r3
BIND-9X-001051 - The BIND 9.x secondary name server must limit the total number of zones the name server can request at any one time.UnixDISA BIND 9.x STIG v2r3
BIND-9X-001052 - The BIND 9.x server implementation must limit the number of concurrent session client connections to the number of allowed dynamic update clients.UnixDISA BIND 9.x STIG v2r3
BIND-9X-001070 - A BIND 9.x master name server must limit the number of concurrent zone transfers between authorized secondary name servers.UnixDISA BIND 9.x STIG v2r3
CASA-ND-000010 - The Cisco ASA must be configured to limit the number of concurrent management sessions to an organization-defined number.CiscoDISA STIG Cisco ASA NDM v2r2
Catalina - Limit Concurrent GUI Sessions to 10 for all AccountsUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Limit Concurrent GUI Sessions to 10 for all AccountsUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Limit Concurrent GUI Sessions to 10 for all AccountsUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
CD12-00-001200 - PostgreSQL must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number.CiscoDISA STIG Cisco IOS-XR Router NDM v3r2
CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number.CiscoDISA STIG Cisco IOS Router NDM v3r2
CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number.CiscoDISA STIG Cisco IOS XE Router NDM v3r2
CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number.CiscoDISA STIG Cisco IOS XE Switch NDM v3r2
CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number.CiscoDISA STIG Cisco IOS Switch NDM v3r2
CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number.CiscoDISA STIG Cisco NX-OS Switch NDM v3r2
Configuring CIDR Network Addresses for the BIG-IP packet filter - Always accept ARPF5Tenable F5 BIG-IP Best Practice Audit
Configuring CIDR Network Addresses for the BIG-IP packet filter - Always accept important ICMPF5Tenable F5 BIG-IP Best Practice Audit
Configuring CIDR Network Addresses for the BIG-IP packet filter - enabledF5Tenable F5 BIG-IP Best Practice Audit
Configuring CIDR Network Addresses for the BIG-IP packet filter - Filter established connectionsF5Tenable F5 BIG-IP Best Practice Audit
Configuring CIDR Network Addresses for the BIG-IP packet filter - Packet filter loggingF5Tenable F5 BIG-IP Best Practice Audit
Configuring CIDR Network Addresses for the BIG-IP packet filter - Review Packet-Filter RulesF5Tenable F5 BIG-IP Best Practice Audit
Configuring CIDR Network Addresses for the BIG-IP packet filter - Send ICMP error on packet rejectF5Tenable F5 BIG-IP Best Practice Audit
Configuring CIDR Network Addresses for the BIG-IP packet filter - Unhandled Packet ActionF5Tenable F5 BIG-IP Best Practice Audit
Configuring the BIG-IP system to enforce the use of strict passwordsF5Tenable F5 BIG-IP Best Practice Audit
Configuring the BIG-IP system to exclude inode information from EtagsF5Tenable F5 BIG-IP Best Practice Audit
DB2X-00-000200 - DB2 must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database