Check: WN11-00-000250
Microsoft Windows 11 STIG:
WN11-00-000250
(in versions v1 r6 through v1 r3)
Title
Windows 11 nonpersistent VM sessions must not exceed 24 hours. (Cat II impact)
Discussion
For virtual desktop implementations (VDIs) where the virtual desktop instance is deleted or refreshed upon logoff, the organization must enforce that sessions be terminated within 24 hours. This would ensure any data stored on the VM that is not encrypted or covered by Credential Guard is deleted.
Check Content
Verify there is a documented policy or procedure in place that nonpersistent VM sessions do not exceed 24 hours. If the system is NOT a nonpersistent VM, this is Not Applicable. For Azure Virtual Desktop (AVD) implementations with no data at rest, this is Not Applicable. If there is no such documented policy or procedure in place, this is a finding.
Fix Text
Set nonpersistent VM sessions to not exceed 24 hours.
Additional Identifiers
Rule ID: SV-253295r890452_rule
Vulnerability ID: V-253295
Group Title: SRG-OS-000185-GPOS-00079
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001199 |
The information system protects the confidentiality and/or integrity of organization-defined information at rest. |
Controls
| Number | Title |
|---|---|
| SC-28 |
Protection Of Information At Rest |