CMMC Practice SC.3.190: Protect the authenticity of communications sessions.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
The authentication of a session refers to a user entering login credentials to identify themselves to establish communication to the system. As the communication is established a unique session id is generated to identify the user session as authenticated. Organizations need to develop and implement the necessary controls to validate the identification and protect the session id from attacks such as hijacking.