| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1661 - Session Authenticity | Invalidate Session Identifiers At Logout | ||
| Id | 4c643c9a-1be7-4016-a5e7-e4bada052920 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Communications Protection control | ||
| Additional metadata |
Name/Id: ACF1661 / Microsoft Managed Control 1661 Category: System and Communications Protection Title: Session Authenticity | Invalidate Session Identifiers At Logout Ownership: Customer, Microsoft Description: The information system invalidates session identifiers upon user logout or other session termination. Requirements: Azure utilizes Active Directory Single-Sign-Out functionality to invalidate session identifiers at session termination. Azure does not allow reuse of SSL/TLS session identifiers. SSL/TLS session identifiers are invalidated upon termination of the session. Azure sessions rely on Azure-managed certificate authorities (CAs) for the establishment of secure sessions through the use of Secure Socket Layer (SSL) and Transport Layer Security (TLS) certificates. These certificates, after verification by the Azure CAs, facilitate the establishment of protected sessions between sessions at the infrastructure level. Session identifiers are invalidated upon user logout or termination. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|