d47a831c-3a18-43bd-996d-12c3002cd98e
This setting controls how long a session will remain connected if it is unexpectedly terminated. Such sessions use system resources and pose a security risk. Disconnected sessions should be terminated after a certain time.
This stig applies only for Windows Server 2012
To configure the policy value for
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Remote Desktop Services
|_ Remote Desktop Session Host
|_ Session Time Limits
|_ Set time limit for disconnected sessions To "Enabled", and "End a disconnected session" to "1 minute".
Remote desktop services disconnected sessions time out should be enabled and set to 1 Minute.
STIG Server 2012: https://www.stigviewer.com/stig/windows_server_2012_member_server/2014-01-07/finding/V-3457
Server 2008: https://www.stigviewer.com/stig/windows_2008_domain_controller/2015-09-02/finding/V-3457
NIST 800-171: SC10,SC23
NIST 800-53: AC-12
MITRE Att&ck: T1021.001, T1563.002 Mitigations: M1028