CCI|CCI-003627

Title

Disable accounts when the accounts have expired.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
APPL-14-003080 - The macOS system must disable accounts after 35 days of inactivity.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-003080 - The macOS system must disable accounts after 35 days of inactivity.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
JUEX-NM-000640 - The Juniper EX switch must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.JuniperDISA Juniper EX Series Network Device Management v2r1
JUSX-DM-000095 - The Juniper SRX Services Gateway must be configured to use an authentication server to centrally manage authentication and logon settings for remote and nonlocal access.JuniperDISA Juniper SRX Services Gateway NDM v3r2
OL08-00-020260 - The OL 8 system-auth file must disable access to the system for account identifiers (individuals, groups, roles, and devices) with 35 days of inactivity.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-020261 - The OL 8 password-auth file must disable access to the system for account identifiers (individuals, groups, roles, and devices) with 35 days of inactivity.UnixDISA Oracle Linux 8 STIG v2r2
RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.UnixDISA Red Hat Enterprise Linux 8 STIG v2r1
RHEL-09-411050 - RHEL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
SLES-15-020050 - The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration.UnixDISA SLES 15 STIG v2r2
SOL-11.1-040280 - User accounts must be locked after 35 days of inactivity.UnixDISA STIG Solaris 11 SPARC v3r1
SOL-11.1-040280 - User accounts must be locked after 35 days of inactivity.UnixDISA STIG Solaris 11 X86 v3r1
UBTU-20-010409 - The Ubuntu operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.UnixDISA STIG Ubuntu 20.04 LTS v2r1
UBTU-22-411035 - Ubuntu 22.04 LTS must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2
VCSA-80-000059 The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.VMwareDISA VMware vSphere 8.0 vCenter STIG v2r1
WN10-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity.WindowsDISA Windows 10 STIG v3r2
WN11-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity.WindowsDISA Windows 11 STIG v2r2
WN19-00-000190 - Windows Server 2019 outdated or unused accounts must be removed or disabled.WindowsDISA Windows Server 2019 STIG v3r2
WN22-00-000190 - Windows Server 2022 outdated or unused accounts must be removed or disabled.WindowsDISA Windows Server 2022 STIG v2r2