Navigate

CCI-002363

CCI-002363 Definition

Provide a logout capability for user-initiated communications sessions whenever authentication is used to gain access to organization-defined information resources.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if a logout capability is provided for user-initiated communications sessions whenever authentication is used to gain access to [AC-12(01)_ODP; information resources for which a logout capability for user-initiated communications sessions is required are defined].

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing session termination; user logout messages; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developers]. Test: [SELECT FROM: System session termination mechanisms; logout capabilities for user-initiated communications sessions].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002363.

Control	Description
AC-12(1)	Provide a logout capability for user-initiated communications sessions whenever authentication is used to gain access to [information resources for which a logout capability for user-initiated communications sessions is required are defined;].