| ALMA-09-002000 | V1R2 | AlmaLinux OS 9 must be able to directly initiate a session lock for all connection types using smart card when the smart card is removed. | |
| ALMA-09-002110 | V1R2 | AlmaLinux OS 9 must prevent a user from overriding the disabling of the graphical user smart card removal action. | |
| APPL-14-000001 | V2R3 | The macOS system must prevent Apple Watch from terminating a session lock. | |
| APPL-14-000002 | V2R3 | The macOS system must enforce screen saver password. | |
| APPL-14-000003 | V2R3 | The macOS system must enforce session lock no more than five seconds after screen saver is started. | |
| APPL-14-002090 | V2R3 | The macOS system must disable TouchID for unlocking the device. | |
| APPL-15-000001 | V1R3 | The macOS system must prevent Apple Watch from terminating a session lock. | |
| APPL-15-000002 | V1R3 | The macOS system must enforce screen saver password. | |
| APPL-15-000003 | V1R3 | The macOS system must enforce session lock no more than five seconds after screen saver is started. | |
| APPL-15-002090 | V1R3 | The macOS system must disable TouchID for unlocking the device. | |
| OL07-00-010060 | V3R2 | The Oracle Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures. | |
| OL08-00-020030 | V2R4 | OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for graphical user sessions. | |
| OL08-00-020043 | V2R4 | OL 8 must enable a user session lock until that user reestablishes access using established identification and authentication procedures for command line sessions. | |
| OL08-00-020050 | V2R4 | OL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed. | |
| OL09-00-002123 | V1R1 | OL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface. | |
| OL09-00-002126 | V1R1 | OL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action. | |
| OL09-00-002160 | V1R1 | OL 9 must be able to directly initiate a session lock for all connection types using smart card when the smart card is removed. | |
| RHEL-07-010060 | V3R9 | The Red Hat Enterprise Linux operating system must enable a user session lock until that user re-establishes access using established identification and authentication procedures. | |
| RHEL-08-020030 | V2R3 | RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions. | |
| RHEL-08-020050 | V2R3 | RHEL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed. | |
| RHEL-09-271045 | V2R4 | RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed. | |
| RHEL-09-271050 | V2R4 | RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action. | |
| RHEL-09-271055 | V2R4 | RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions. | |
| RHEL-09-271060 | V2R4 | RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface. | |
| SLES-12-010060 | V3R2 | The SUSE operating system must be able to lock the graphical user interface (GUI). | |
| SLES-12-010070 | V3R2 | The SUSE operating system must utilize vlock to allow for session locking. | |
| SLES-15-010100 | V2R4 | The SUSE operating system must be able to lock the graphical user interface (GUI). | |
| SLES-15-010110 | V2R4 | The SUSE operating system must utilize vlock to allow for session locking. | |
| UBTU-18-010401 | V2R15 | The Ubuntu operating system must retain a users session lock until that user reestablishes access using established identification and authentication procedures. | |
| UBTU-20-010004 | V2R1 | The Ubuntu operating system must retain a user's session lock until that user reestablishes access using established identification and authentication procedures. | |
| UBTU-22-271020 | V2R4 | Ubuntu 22.04 LTS must retain a user's session lock until that user reestablishes access using established identification and authentication procedures. | |
| UBTU-24-200040 | V1R1 | Ubuntu 24.04 LTS must retain a user's session lock until the user reestablishes access using established identification and authentication procedures. | |
| WN10-CC-000365 | V3R4 | Windows 10 must be configured to prevent Windows apps from being activated by voice while the system is locked. | |
| WN11-CC-000365 | V2R3 | Windows 11 must be configured to prevent Windows apps from being activated by voice while the system is locked. | |
| WN19-SO-000120 | V3R4 | Windows Server 2019 machine inactivity limit must be set to 15 minutes or less, locking the system with the screen saver. | |
| WN22-SO-000120 | V2R4 | Windows Server 2022 machine inactivity limit must be set to 15 minutes or less, locking the system with the screen saver. | |