CIS Apple macOS 10.12 L2 v1.2.0

Audit Details

Name: CIS Apple macOS 10.12 L2 v1.2.0

Updated: 4/12/2023

Authority: CIS

Plugin: Unix

Revision: 1.6

Estimated Item Count: 50

File Details

Filename: CIS_Apple_macOS_10.12_v1.2.0_Level_2.audit

Size: 98 kB

MD5: 673c623568c1b6ce8a6f6369d6664728
SHA256: 85eba251b890b2a8b6a02ff24f26b347163f4b5b661bf0ed6226fff5e513ef1a

Audit Items

DescriptionCategories
2.3.2 Secure screen saver corners - bottom left corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - bottom right corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - top left corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - top right corner

ACCESS CONTROL

2.6.6 Enable Location Services

CONFIGURATION MANAGEMENT

2.6.7 Monitor Location Services Access

CONFIGURATION MANAGEMENT

2.6.7 Monitor Location Services Access - evaluate application

AUDIT AND ACCOUNTABILITY

2.6.8 Disable sending diagnostic and usage data to Apple

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.7.1 iCloud configuration

ACCESS CONTROL

2.7.2 iCloud keychain

ACCESS CONTROL

2.7.3 iCloud Drive

ACCESS CONTROL

2.7.4 iCloud Drive Document sync

CONFIGURATION MANAGEMENT

2.7.5 iCloud Drive Desktop sync

CONFIGURATION MANAGEMENT

2.8.1 Time Machine Auto-Backup

CONTINGENCY PLANNING

2.11 Java 6 is not the default Java runtime

CONFIGURATION MANAGEMENT

2.12 Securely delete files as needed

CONFIGURATION MANAGEMENT

3.2 Configure Security Auditing Flags - 'audit all failed events across all audit classes'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags - 'audit successful/failed administrative events'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags - 'audit successful/failed file deletion events'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags - 'audit successful/failed login/logout events'

AUDIT AND ACCOUNTABILITY

4.1 Disable Bonjour advertising service

CONFIGURATION MANAGEMENT

4.3 Create network specific locations

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.4 Check Library folder for world writable files

ACCESS CONTROL

5.2.3 Complex passwords must contain an Alphabetic Character
5.2.4 Complex passwords must contain a Numeric Character

IDENTIFICATION AND AUTHENTICATION

5.2.5 Complex passwords must contain a Special Character
5.2.6 Complex passwords must uppercase and lowercase letters
5.5 Automatically lock the login keychain for inactivity

ACCESS CONTROL

5.6 Ensure login keychain is locked when the computer sleeps

IDENTIFICATION AND AUTHENTICATION

5.7 Enable OCSP and CRL certificate checking - CRLStyle

IDENTIFICATION AND AUTHENTICATION

5.7 Enable OCSP and CRL certificate checking - OCSPStyle

IDENTIFICATION AND AUTHENTICATION

5.11 Ensure system is set to hibernate

CONFIGURATION MANAGEMENT

5.15 Create a Login window banner

ACCESS CONTROL

5.17 Disable Fast User Switching

ACCESS CONTROL

5.18 Secure individual keychains and items

IDENTIFICATION AND AUTHENTICATION

5.19 Create specialized keychains for different purposes

IDENTIFICATION AND AUTHENTICATION

6.4 Safari disable Internet Plugins for global use

CONFIGURATION MANAGEMENT

6.5 Use parental controls for systems that are not centrally managed

CONFIGURATION MANAGEMENT

7.1 Wireless technology on macOS

ACCESS CONTROL

7.2 iSight Camera Privacy and Confidentiality Concerns

CONFIGURATION MANAGEMENT

7.3 Computer Name Considerations

CONFIGURATION MANAGEMENT

7.4 Software Inventory Considerations

CONFIGURATION MANAGEMENT

7.5 Firewall Consideration

CONFIGURATION MANAGEMENT

7.7 App Store Automatically download apps purchased on other Macs Considerations

CONFIGURATION MANAGEMENT

7.8 Extensible Firmware Interface (EFI) password

CONFIGURATION MANAGEMENT

7.9 FileVault and Local Account Password Reset using AppleID

ACCESS CONTROL

7.11 App Store Password Settings

ACCESS CONTROL, CONFIGURATION MANAGEMENT

7.15 System information backup to remote computers

CONTINGENCY PLANNING

CIS_Apple_macOS_10.12_v1.2.0_Level_2.audit from CIS Apple macOS 10.12 Benchmark v1.2.0