What are the recommended defenses against net session exploitation?
Defenses include restricting domain users from using high-privilege accounts (like domain administrator) for remote connections via `net use`, and ensuring users promptly clear their net sessions with `net session /delete /y` or `net use * /del /y` after use. These practices limit the availability of exploitable tokens if a host is compromised.
defense, net session cleanup, least privilege, domain admin