AC-10 Concurrent Session Control

Access Control

Low Moderate High

Description

The information system limits the number of concurrent sessions for any user to [Assignment: organization-defined number of sessions].

Supplemental Guidance

None.

Enhancements

(0) None.

MITRE ATT&CK Techniques (4)

ATT&CK v16.1

Techniques mitigated by this control, mapped via CTID.

Persistence (2), Credential Access (1), Collection (1)

Compliance Mappings

ISO 27002:2022

5.15

COBIT 2019

DSS05

NIS2 Directive

Art. 21(2)(i)

MAS TRM

9

BSI IT-Grundschutz

ORP.4

ANSSI

Hygiene.12, SecNumCloud.10.5

FINMA Circular 2023/1

IV.B.d(59), IV.C(61)

OSFI B-13

B-13.3.2

EU GDPR

Art.32(1)(b)

EU DORA

Art.9(4)(c)

BIO2

5.15

RBI CSF

Annex1.8

FISC Security Guidelines

FISC.T2

HKMA TM-E-1

TME1.8.4

SAMA CSF

3.1

NCA ECC

2-2

UAE IA

T9

CBB TM

TM-6

Qatar NIA

AC

CBUAE

CR-4

CBE CSF

CTO-1

SA JS2

JS2-7.1

CBN CSF

Part3.2

BoG CISD

CISD-VIII

BoM CTRM

3.3

IOSCO Cyber Resilience

PROT-1

FFIEC IS

II.C.15

ECB CROE

CROE.2.3.1

EBA ICT Guidelines

3.4.2

SEBI CSCRF

PR.AA

BOT Cyber Resilience

Ch2.2

CMMC 2.0

AC

IEEE 1686-2022

5.8

Common Criteria

CC Part 2 — FRU/FTA/FTP

Lloyd's Minimum Standards

MS8.3

HITRUST CSF v11

01.c

ISO 27799

9.5

ISO 17799 (legacy)

None.

COBIT 4.1 (legacy)

AC6