Title

Remote Desktop Services must limit users to one remote session. (Cat II impact)

Discussion

Allowing multiple Remote Desktop Services sessions could consume resources. There is also potential to make a secondary connection to a system with compromised credentials.

Check Content

If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Microsoft\Windows NT\Terminal Services\ Value Name: fSingleSessionPerUser Type: REG_DWORD Value: 1

Fix Text

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Connections -> "Restrict Remote Desktop Services users to a single Remote Desktop Services Session" to "Enabled".

Additional Identifiers

Rule ID:

Vulnerability ID: V-3449

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.