You need to enable JavaScript to run this app.
NIST 800-53 Rev. 5
AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
SC-1
SC-2
SC-2(1)
SC-2(2)
SC-3
SC-3(1)
SC-3(2)
SC-3(3)
SC-3(4)
SC-3(5)
SC-4
SC-12(4)
SC-4(2)
SC-5
SC-5(1)
SC-5(2)
SC-5(3)
SC-6
SC-7
SC-12(5)
SC-13(1)
SC-7(3)
SC-7(4)
SC-7(5)
SC-13(2)
SC-7(7)
SC-7(8)
SC-7(9)
SC-7(10)
SC-7(11)
SC-7(12)
SC-7(13)
SC-7(14)
SC-7(15)
SC-7(16)
SC-7(17)
SC-7(18)
SC-7(19)
SC-7(20)
SC-7(21)
SC-7(22)
SC-7(23)
SC-7(24)
SC-7(25)
SC-7(26)
SC-7(27)
SC-7(28)
SC-7(29)
SC-8
SC-8(1)
SC-8(2)
SC-8(3)
SC-8(4)
SC-8(5)
SC-13(3)
SC-10
SC-11
SC-11(1)
SC-12
SC-12(1)
SC-12(2)
SC-12(3)
SC-13(4)
SC-14
SC-12(6)
SC-13
SC-15(2)
SC-19
SC-20(1)
SC-21(1)
SC-23(2)
SC-15
SC-15(1)
SC-23(4)
SC-15(3)
SC-15(4)
SC-16
SC-16(1)
SC-16(2)
SC-16(3)
SC-17
SC-18
SC-18(1)
SC-18(2)
SC-18(3)
SC-18(4)
SC-18(5)
SC-26(1)
SC-20
SC-30(1)
SC-20(2)
SC-21
SC-33
SC-22
SC-23
SC-23(1)
SC-34(3)
SC-23(3)
SC-4(1)
SC-23(5)
SC-24
SC-25
SC-26
SC-42(3)
SC-27
SC-28
SC-28(1)
SC-28(2)
SC-28(3)
SC-29
SC-29(1)
SC-30
SC-7(1)
SC-30(2)
SC-30(3)
SC-30(4)
SC-30(5)
SC-31
SC-31(1)
SC-31(2)
SC-31(3)
SC-32
SC-32(1)
SC-7(2)
SC-34
SC-34(1)
SC-34(2)
SC-7(6)
SC-35
SC-36
SC-36(1)
SC-36(2)
SC-37
SC-37(1)
SC-38
SC-39
SC-39(1)
SC-39(2)
SC-40
SC-40(1)
SC-40(2)
SC-40(3)
SC-40(4)
SC-41
SC-42
SC-42(1)
SC-42(2)
SC-9
SC-42(4)
SC-42(5)
SC-43
SC-44
SC-45
SC-45(1)
SC-45(2)
SC-46
SC-47
SC-48
SC-48(1)
SC-49
SC-50
SC-51
SC-23(1): Session Authenticity | Invalidate Session Identifiers at Logout
Control Text:
Copy Text
Invalidate session identifiers upon user logout or other session termination.
Discussion
Invalidating session identifiers at logout curtails the ability of adversaries to capture and continue to employ previously valid session IDs.
Related Controls
None