last sync: 2024-Jun-14 18:20:16 UTC

Microsoft Managed Control 1661 - Session Authenticity | Invalidate Session Identifiers At Logout | Regulatory Compliance - System and Communications Protection

Azure BuiltIn Policy definition

Source: Azure Portal
Display name: Microsoft Managed Control 1661 - Session Authenticity | Invalidate Session Identifiers At Logout
Id: 4c643c9a-1be7-4016-a5e7-e4bada052920
Version: 1.0.0
Category: Regulatory Compliance
Description: Microsoft implements this System and Communications Protection control
Additional metadata:
Name/Id: ACF1661 / Microsoft Managed Control 1661
Category: System and Communications Protection
Title: Session Authenticity | Invalidate Session Identifiers At Logout
Ownership: Customer, Microsoft
Description: The information system invalidates session identifiers upon user logout or other session termination.
Requirements: Azure utilizes Active Directory Single-Sign-Out functionality to invalidate session identifiers at session termination. Azure does not allow reuse of SSL/TLS session identifiers. SSL/TLS session identifiers are invalidated upon termination of the session. Azure sessions rely on Azure-managed certificate authorities (CAs) for the establishment of secure sessions through the use of Secure Socket Layer (SSL) and Transport Layer Security (TLS) certificates. These certificates, after verification by the Azure CAs, facilitate the establishment of protected sessions between sessions at the infrastructure level. Session identifiers are invalidated upon user logout or termination.
Mode: Indexed
Type: Static
Preview: False
Deprecated: False
Effect: Fixed (audit)
RBAC role(s): none
Rule aliases: none
Rule resource types: IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance: Not a Compliance control
Initiatives usage: none
History: none
JSON compare: n/a
JSON
api-version=2021-06-01