AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Display an explicit logout message | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Display an explicit logout message
Id 0471c6b7-1588-701c-2713-1fade73b75f6
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1056 - Display an explicit logout message
Additional metadata Name/Id: CMA_C1056 / CMA_C1056
Category: Operational
Title: Display an explicit logout message
Ownership: Customer
Description: The customer is responsible for displaying an explicit logout message to users on customer-deployed resources.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 3 compliance controls are associated with this Policy definition 'Display an explicit logout message' (0471c6b7-1588-701c-2713-1fade73b75f6)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 AC-12(1) FedRAMP_High_R4_AC-12(1) FedRAMP High AC-12 (1) Access Control User-Initiated Logouts / Message Displays Shared n/a The information system: (a) Provides a logout capability for user-initiated communications sessions whenever authentication is used to gain access to [Assignment: organization-defined information resources]; and (b) Displays an explicit logout message to users indicating the reliable termination of authenticated communications sessions. Supplemental Guidance: Information resources to which users gain access via authentication include, for example, local workstations, databases, and password-protected websites/web- based services. Logout messages for web page access, for example, can be displayed after authenticated sessions have been terminated. However, for some types of interactive sessions including, for example, file transfer protocol (FTP) sessions, information systems typically send logout messages as final messages prior to terminating sessions. link 2
NIST_SP_800-53_R4 AC-12(1) NIST_SP_800-53_R4_AC-12(1) NIST SP 800-53 Rev. 4 AC-12 (1) Access Control User-Initiated Logouts / Message Displays Shared n/a The information system: (a) Provides a logout capability for user-initiated communications sessions whenever authentication is used to gain access to [Assignment: organization-defined information resources]; and (b) Displays an explicit logout message to users indicating the reliable termination of authenticated communications sessions. Supplemental Guidance: Information resources to which users gain access via authentication include, for example, local workstations, databases, and password-protected websites/web- based services. Logout messages for web page access, for example, can be displayed after authenticated sessions have been terminated. However, for some types of interactive sessions including, for example, file transfer protocol (FTP) sessions, information systems typically send logout messages as final messages prior to terminating sessions. link 2
NIST_SP_800-53_R5 AC-12(1) NIST_SP_800-53_R5_AC-12(1) NIST SP 800-53 Rev. 5 AC-12 (1) Access Control User-initiated Logouts Shared n/a Provide a logout capability for user-initiated communications sessions whenever authentication is used to gain access to [Assignment: organization-defined information resources]. link 2
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 0471c6b7-1588-701c-2713-1fade73b75f6
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC