Microsoft – Interactive logon: Machine inactivity limit
3.1 3.1.10 Access Control
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit
This article describes how to configure inactivity timeouts on Windows.
Microsoft – Microsoft network server: Amount of idle time required before suspending session
3.1 3.1.11 Access Control
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session
This article describes best practices for automatically terminating user sessions on a Microsoft Network Server.
Microsoft – Monitor Connected Remote Clients for Activity and Status
3.1 3.1.12 Access Control
https://learn.microsoft.com/en-us/windows-server/remote/remote-access/ras/monitoring-and-accounting/monitor-connected-remote-clients-for-activity-and-status
This document produced by Microsoft contains instructions to monitor remote client activity and status.
Microsoft – Set the account lockout threshold to recommended value
3.1 3.1.8 Access Control
https://learn.microsoft.com/en-us/services-hub/unified/health/remediation-steps-ad/set-the-account-lockout-threshold-to-the-recommended-value
This article describes mechanisms to limit unsuccessful logon attempts and why it is important.
Microsoft – Use Remote Access Monitoring and Accounting – Microsoft Windows
3.1 3.1.12 Access Control
https://learn.microsoft.com/en-us/windows-server/remote/remote-access/ras/monitoring-and-accounting/use-remote-access-monitoring-and-accounting
This document contains instructions for leveraging the monitoring capabilities of Remote Access by using the DirectAccess management console and the corresponding Windows PowerShell cmdlets, which are provided as part of the Remote Access server role.
Microsoft – Implementing Least-Privileged Administrative Models
3.1 3.1.5 Access Control
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/implementing-least-privilege-administrative-models
Microsoft security best practices for employment of the least privilege principle.
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-options
This document discusses how Windows security settings that affect termination of user sessions can be configured in a Group Policy Object (GPO) to apply to all devices that are subject to that GPO.
National Center for Education Statistics – Protecting Your System: User Access Security
3.1 3.1.1 3.1.2 Access Control
https://nces.ed.gov/pubs98/safetech/chapter8.asp#89.10
This link provides check points for user access security.
National Security Agency – Securing Wireless Devices in Public Settings
3.1 3.1.16 3.1.17 Access Control
https://media.defense.gov/2021/Jul/29/2002815141/-1/-1/0/CSI_SECURING_WIRELESS_DEVICES_IN_PUBLIC.PDF
This infosheet gives National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) users the best practices for securing devices when conducting business in public settings. I
Netgear – What is 802.1x Security Authentication for Wireless Networks?
3.1 3.1.16 3.1.17 Access Control
https://kb.netgear.com/1209/What-is-802-1x-Security-Authentication-for-Wireless-Networks
This webpage provides the reader a basic understanding of 802.1x authentication for wireless networks.