The information system enforces the organization-defined time period during which the limit of consecutive invalid access attempts by a user is counted.
No STIG checks reference this CCI.