Check: WN10-00-000250
Microsoft Windows 10 STIG:
WN10-00-000250
(in versions v3 r2 through v2 r6)
Title
Windows 10 nonpersistent VM sessions must not exceed 24 hours. (Cat II impact)
Discussion
For virtual desktop implementations (VDIs) where the virtual desktop instance is deleted or refreshed upon logoff, the organization should enforce that sessions be terminated within 24 hours. This would ensure any data stored on the VM that is not encrypted or covered by Credential Guard is deleted.
Check Content
Ensure there is a documented policy or procedure in place that nonpersistent VM sessions do not exceed 24 hours. If the system is NOT a nonpersistent VM, this is Not Applicable. If no such documented policy or procedure is in place, this is a finding.
Fix Text
Set nonpersistent VM sessions to not exceed 24 hours.
Additional Identifiers
Rule ID: SV-220738r958552_rule
Vulnerability ID: V-220738
Group Title: SRG-OS-000185-GPOS-00079
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001199 |
Protects the confidentiality and/or integrity of organization-defined information at rest. |
Controls
Number | Title |
---|---|
SC-28 |
Protection of Information at Rest |