Evidence – AC.L2-3.1.10

Use Session Lock with Pattern-Hiding Displays

Control Overview

This document describes the evidence used to demonstrate implementation of AC.L2-3.1.10, which requires automatic session locking and pattern-hiding displays.

This evidence supports the control response documented in the System Security Plan (SSP).

Evidence Objectives

Evidence for this control demonstrates that:

• User sessions automatically lock after inactivity
• Displayed information is hidden when sessions are locked
• Re-authentication is required to regain access

Evidence Artifacts

1. Session Lock Configuration

Evidence demonstrating session locking may include:

• Endpoint or system configuration enforcing inactivity lock
• Policies requiring screen lock after defined idle periods

Examples of acceptable sources:

• Windows or macOS endpoint security settings
• Mobile or endpoint management policies

Evidence Retention

Evidence supporting this control is retained in accordance with organizational policy and contractual requirements and is available for review during assessment.

Notes

Pattern-hiding is achieved when screen contents are not visible without re-authentication.