
SC-23(1) Session Authenticity

PBMM (P2)
Secret (P2)
Technical

>Control Description

SESSION AUTHENTICITY | INVALIDATE SESSION IDENTIFIERS AT LOGOUT

The information system invalidates session identifiers upon user logout or other session termination.

>Supplemental Guidance

This control enhancement curtails the ability of adversaries to capture and continue to employ previously valid session IDs.
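The following is an added illustration, not part of the control catalogue: a minimal server-side session table in which logout and idle timeout (treated here as an instance of "other session termination") both delete the server-side record, so a previously captured identifier no longer validates. The class name, method names and timeout value are assumptions made for the example.

```python
import secrets
import time


class SessionStore:
    """Server-side session table; the identifier is only a lookup key."""

    def __init__(self, idle_timeout=900.0, clock=time.monotonic):
        self._sessions = {}               # session id -> (user, last_seen)
        self._idle_timeout = idle_timeout  # seconds; value is an assumption
        self._clock = clock

    def login(self, user):
        sid = secrets.token_urlsafe(32)   # unpredictable, never reissued
        self._sessions[sid] = (user, self._clock())
        return sid

    def validate(self, sid):
        """Return the user for a live session, or None if it is invalid."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        user, last_seen = entry
        if self._clock() - last_seen > self._idle_timeout:
            self.terminate(sid)           # timeout also invalidates the id
            return None
        self._sessions[sid] = (user, self._clock())
        return user

    def terminate(self, sid):
        """Logout or forced termination: drop the server-side state."""
        return self._sessions.pop(sid, None) is not None


def replay_after_logout():
    """Constructed scenario: an id captured before logout is replayed after."""
    store = SessionStore()
    sid = store.login("alice")
    captured = sid                        # copy an adversary might hold
    before = store.validate(captured)
    store.terminate(sid)                  # the user logs out
    after = store.validate(captured)
    return before, after


if __name__ == "__main__":
    print(replay_after_logout())          # ('alice', None)
```

Clearing the cookie in the browser alone would not satisfy the control, because the captured copy would still map to a live server-side record.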

>Tailoring Guidance

This security control/enhancement can be met using readily available Commercial-Off-The-Shelf (COTS) components. Consequently, inclusion in a departmental profile is strongly encouraged in most cases.
