Detections
Analytics

CSCv6|16.6

Title

Monitor account usage to determine dormant accounts, notifying the user or user's manager.

Description

Monitor account usage to determine dormant accounts, notifying the user or user's manager. Disable such accounts if not needed, or document and monitor exceptions (e.g., vendor maintenance accounts needed for system recovery or continuity operations). Require that managers match active employees and contractors with each account belonging to their managed staff. Security or system administrators should then disable accounts that are not assigned to valid workforce members.

Reference Item Details

Category: Account Monitoring and Control

Family: Application

Audit Items

View all Reference Audit Items

NamePluginAudit Name
4.019 - Outdated or unused accounts must be removed from the system or disabled.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
4.019 - Outdated or unused accounts must be removed from the system or disabled.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
4.019 - Outdated or unused accounts must be removed from the system or disabled.WindowsDISA Windows Server 2008 MS STIG v6r46
4.019 - Outdated or unused accounts must be removed from the system or disabled.WindowsDISA Windows Server 2008 DC STIG v6r47
4.019 - Outdated or unused accounts must be removed from the system.WindowsDISA Windows 7 STIG v1r32
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.0.0
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixCIS Distribution Independent Linux Server L1 v1.1.0
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.0.0
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixHuawei EulerOS 2 Workstation L1 v1.0
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixCIS Amazon Linux v2.0.0 L1
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.0.0
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixHuawei EulerOS 2 Server L1 v1.0
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixCIS Distribution Independent Linux Workstation L1 v1.1.0
5.4.1.4 Ensure inactive password lock is 30 days or lessUnixCIS SUSE Linux Enterprise Server 11 L1 v2.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - /etc/default/useraddUnixCIS Red Hat EL7 Server L1 v3.0.1
5.4.1.4 Ensure inactive password lock is 30 days or less - /etc/default/useraddUnixCIS Oracle Linux 7 Workstation L1 v3.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - /etc/default/useraddUnixCIS Oracle Linux 7 Server L1 v3.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Debian 9 Server L1 v1.0.1
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Debian 9 Workstation L1 v1.0.1
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Debian Family Workstation L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Debian 10 Workstation L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Amazon Linux v2.1.0 L1
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS CentOS 6 Server L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Oracle Linux 6 Server L1 v1.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Oracle Linux 6 Workstation L1 v1.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS SUSE Linux Enterprise Server 12 L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Debian Family Server L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Debian 10 Server L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS CentOS 6 Workstation L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Aliyun Linux 2 L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Red Hat 6 Workstation L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - useraddUnixCIS Red Hat 6 Server L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS Debian Family Workstation L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS Amazon Linux v2.1.0 L1
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS Aliyun Linux 2 L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS Debian 10 Server L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS Debian 10 Workstation L1 v1.0.0
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS Debian 9 Server L1 v1.0.1
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.0
5.4.1.4 Ensure inactive password lock is 30 days or less - usersUnixCIS Red Hat 6 Workstation L1 v2.1.0
10.5 Lock Inactive User AccountsUnixCIS Debian Linux 7 L1 v1.0.0
10.5 Lock Inactive User AccountsUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0