• Requirement

    Invalidate session identifiers upon user logout or other session termination.

  • Discussion

    Invalidating session identifiers at logout curtails the ability of adversaries to capture and continue to employ previously valid session IDs.

More Info

  • Title

    Session Authenticity | Invalidate Session Identifiers at Logout
  • Family

    System and Communications Protection
  • Related NIST 800-53 ID

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!