SC-23(1)
-
Requirement
Invalidate session identifiers upon user logout or other session termination.
-
Discussion
Invalidating session identifiers at logout curtails the ability of adversaries to capture and continue to employ previously valid session IDs.
NIST 800-53A Assessment Guidance
CMMC Training
Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!