CIS Apple macOS 10.14 v2.0.0 L1

Audit Details

Name: CIS Apple macOS 10.14 v2.0.0 L1

Updated: 4/12/2023

Authority: CIS

Plugin: Unix

Revision: 1.4

Estimated Item Count: 79

File Details

Filename: CIS_Apple_macOS_10.14_v2.0.0_L1.audit

Size: 223 kB

MD5: 7e6ba263603ec6688e91ca5bbda7316d
SHA256: 5f0a062512622d923428bcd59591da3f5d6bbcdf96f923fb0666ec1317595fb7

Audit Items

DescriptionCategories
1.1 Verify all Apple-provided software is current

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2 Ensure Auto Update Is Enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Download New Updates When Available is Enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure Installation of App Update Is Enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - 'ConfigDataInstall'

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - 'CriticalUpdateInstall'

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure Install of macOS Updates Is Enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Turn off Bluetooth, if no paired devices exist

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.2 Ensure Show Bluetooth Status in Menu Bar Is Enabled

CONFIGURATION MANAGEMENT

2.2.1 Ensure 'Set time and date automatically' Is Enabled - Set time and date automatically

AUDIT AND ACCOUNTABILITY

2.2.2 Ensure time set is within appropriate limits

AUDIT AND ACCOUNTABILITY

2.3.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is Enabled

ACCESS CONTROL

2.3.3 Audit Lock Screen and Start Screen Saver Tools

ACCESS CONTROL

2.4.1 Ensure Remote Apple Events Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.2 Ensure Internet Sharing Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.3 Ensure Screen Sharing Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.4 Ensure Printer Sharing Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.5 Ensure Remote Login Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.6 Ensure DVD or CD Sharing Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.7 Ensure Bluetooth Sharing Is Disabled

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

2.4.8 Ensure File Sharing Is Disabled - AppleFileServer

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.8 Ensure File Sharing Is Disabled - SMB

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.9 Ensure Remote Management Is Disabled

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.11 Ensure AirDrop Is Disabled

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1.1 Ensure FileVault Is Enabled

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5.1.2 Ensure all user storage APFS volumes are encrypted

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted

IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5.2.1 Ensure Gatekeeper is Enabled

SYSTEM AND INFORMATION INTEGRITY

2.5.2.2 Ensure Firewall Is Enabled

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.5.2.3 Ensure Firewall Stealth Mode Is Enabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5.6 Ensure Limit Ad Tracking Is Enabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.7.2 Ensure Time Machine Volumes Are Encrypted

CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Ensure Wake for Network Access Is Disabled

CONFIGURATION MANAGEMENT

2.9 Ensure Power Nap Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10 Ensure Secure Keyboard Entry terminal.app is Enabled

CONFIGURATION MANAGEMENT

2.11 Ensure EFI Version Is Valid and Checked Regularly - daemon

SYSTEM AND SERVICES ACQUISITION

2.11 Ensure EFI Version Is Valid and Checked Regularly - integrity-check

SYSTEM AND SERVICES ACQUISITION

2.12 Audit Automatic Actions for Optical Media

CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

2.13 Audit Siri Settings

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Audit Sidecar Settings

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15 Audit Touch ID and Wallet & Apple Pay Settings

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION

3.1 Ensure Security Auditing Is Enabled

AUDIT AND ACCOUNTABILITY

3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_max

AUDIT AND ACCOUNTABILITY

3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttl

AUDIT AND ACCOUNTABILITY

3.4 Ensure Security Auditing Retention Is Enabled

AUDIT AND ACCOUNTABILITY

3.5 Ensure Access to Audit Records Is Controlled - /etc/security/audit_control

ACCESS CONTROL, MEDIA PROTECTION

3.5 Ensure Access to Audit Records Is Controlled - /var/audit

ACCESS CONTROL, MEDIA PROTECTION

3.6 Ensure Firewall Logging Is Enabled and Configured

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

4.2 Ensure Show Wi-Fi status in Menu Bar Is Enabled - Show Wi-Fi status in menu bar

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure HTTP Server Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION