CCC.LB.C05: Validate Session Affinity
Control ID:CCC.LB.C05
Title:Validate Session Affinity
Objective:Configure session persistence to minimise fixation and hijacking
risks.
Control Family:Identity and Access Management
Guideline Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|
NIST-CSF | PR.AC-7 | 0 | Least functionality is enforced |
NIST_800_53 | SC-23 | 0 | Session authenticity |
Assessment Requirements
| ID | Description | Applicability |
|---|
| CCC.LB.C05.TR01 | When stickiness is enabled, session cookies MUST expire
within 30 minutes of inactivity.
| tlp-green tlp-amber tlp-red |