WN10-00-000250 - Windows 10 non-persistent VM sessions should not exceed 24 hours.

Information

For virtual desktop implementations (VDIs) where the virtual desktop instance is deleted or refreshed upon logoff, the organization should enforce that sessions be terminated within 24 hours. This would ensure any data stored on the VM that is not encrypted or covered by Credential Guard is deleted.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Set non-persistent VM sessions to not exceed 24 hours.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_10_V2R4_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-28, CAT|II, CCI|CCI-001199, Rule-ID|SV-220738r569187_rule, STIG-ID|WN10-00-000250, STIG-Legacy|SV-111557, STIG-Legacy|V-102611, Vuln-ID|V-220738

Plugin: Windows

Control ID: 4842a2fe08eef599d70c2f153d5c4df1ac8f7a02a6ba636460875a2239366bcc