CIS Apple OSX 10.9 L2 v1.3.0

Audit Details

Name: CIS Apple OSX 10.9 L2 v1.3.0

Updated: 4/12/2023

Authority: CIS

Plugin: Unix

Revision: 1.17

Estimated Item Count: 37

File Details

Filename: CIS_Apple_OSX_10.9_v1.3.0_Level2.audit

Size: 60.9 kB

MD5: 409c0fcc0e31d08c9a3abd27ecf35d06
SHA256: d22cf570989efc30964c1fd6a55eef067080cb292726e21e5c4b2f361164b081

Audit Items

DescriptionCategories
2.2.1 Enable "Set time and date automatically"

AUDIT AND ACCOUNTABILITY

2.3.2 Secure screen saver corners - bottom left corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - bottom right corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - top left corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - top right corner

ACCESS CONTROL

2.5.1 Disable "Wake for network access"

ACCESS CONTROL

2.5.2 Disable sleeping the computer when connected to power

ACCESS CONTROL

2.6.6 Enable Location Services

CONFIGURATION MANAGEMENT

2.6.7 Monitor Location Services Access

CONFIGURATION MANAGEMENT

2.7.1 iCloud configuration
2.7.2 iCloud keychain
2.8.1 Time Machine Auto-Backup

CONTINGENCY PLANNING

2.11 Java 6 is not the default Java runtime

CONFIGURATION MANAGEMENT

2.12 Configure Secure Empty Trash

CONFIGURATION MANAGEMENT

3.4 Enable remote logging for Desktops on trusted networks

AUDIT AND ACCOUNTABILITY

4.1 Disable Bonjour advertising service

SYSTEM AND COMMUNICATIONS PROTECTION

4.3 Create network specific locations
5.1.5 Check Library folder for world writable files

ACCESS CONTROL

5.4 Automatically lock the login keychain for inactivity

IDENTIFICATION AND AUTHENTICATION

5.5 Ensure login keychain is locked when the computer sleeps

IDENTIFICATION AND AUTHENTICATION

5.6 Enable OCSP and CRL certificate checking - CRL

IDENTIFICATION AND AUTHENTICATION

5.6 Enable OCSP and CRL certificate checking - OCSP

IDENTIFICATION AND AUTHENTICATION

5.13 Create a Login window banner

ACCESS CONTROL

5.15 Disable Fast User Switching

ACCESS CONTROL

5.16 Secure individual keychains and items
5.17 Create specialized keychains for different purposes
5.18 Install an approved tokend for smartcard authentication

IDENTIFICATION AND AUTHENTICATION

6.4 Use parental controls for systems that are not centrally managed
7.1 Wireless technology on OS X
7.2 iSight Camera Privacy and Confidentiality Concerns
7.3 Computer Name Considerations
7.4 Software Inventory Considerations
7.5 Firewall Consideration
7.7 App Store Automatically download apps purchased on other Macs Considerations
7.8 Extensible Firmware Interface (EFI) password
7.9 Apple ID password reset
Apple OSX 10.9 Level 2, version 1.3.0

CONFIGURATION MANAGEMENT