On: Thu, Sep 24, 2009 at 05:07:11PM -0400,Les Koehler Wrote: > An idle user isn't necessarily a security exposure. The security audit > question to be asked is: Does the company have a policy for securing > terminals when the user isn't there and how do they enforce it?
I agree. Those questions look like they were taken from an "Auditing a VM system for dummies" book. -- Rich Greenberg N Ft Myers, FL, USA richgr atsign panix.com + 1 239 543 1353 Eastern time. N6LRT I speak for myself & my dogs only. VM'er since CP-67 Canines:Val, Red, Shasta & Casey (RIP), Red & Zero, Siberians Owner:Chinook-L Retired at the beach Asst Owner:Sibernet-L