Can the Neo4j DBMS limit the number of concurrent sessions to an organization-defined number per user for all accounts and account types?

I'm trying to verify that Neo4j is meeting the cybersecurity requirements for a DBMS. I've searched through the neo4j-operations-manual-4.2.pdf and can't find any reference to concurrent sessions. Is there somewhere else I should be looking?

at this time there are no 'quotas' available. relative to number of connections/sessions etc.

This is an interesting question around multi-tenancy of Neo4j. In 4.x Neo4j introduced multi-database. While you can limit the total number of sessions, and the amount of time or ram for a query, it will be for all the databases. All of the databases and users are sharing the same pool of resources and while Neo4j is on it's journey to multi-tenancy - that is some time in the future. Can you explain how this fits into your cyber security tests?
If you look in Configuration settings - Operations Manual
there are settings for connection timeouts, pool max size, query cache size, max amount of ram per query and query timeout. These would let you setup a server that would help make the resources available without someone hogging it.