CIS Apple macOS 10.14 v2.0.0 L1
Audit Details
Name: CIS Apple macOS 10.14 v2.0.0 L1
Updated: 3/7/2023
Authority: CIS
Plugin: Unix
Revision: 1.3
Estimated Item Count: 79
File Details
Filename: CIS_Apple_macOS_10.14_v2.0.0_L1.audit
Size: 222 kB
Audit Items
| Description | Categories |
|---|---|
| 1.1 Verify all Apple-provided software is current | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2 Ensure Auto Update Is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Ensure Download New Updates When Available is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Installation of App Update Is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - 'ConfigDataInstall' | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled - 'CriticalUpdateInstall' | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Ensure Install of macOS Updates Is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.1 Turn off Bluetooth, if no paired devices exist | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.2 Ensure Show Bluetooth Status in Menu Bar Is Enabled | CONFIGURATION MANAGEMENT |
| 2.2.1 Ensure 'Set time and date automatically' Is Enabled - Set time and date automatically | AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure time set is within appropriate limits | AUDIT AND ACCOUNTABILITY |
| 2.3.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is Enabled | ACCESS CONTROL |
| 2.3.3 Audit Lock Screen and Start Screen Saver Tools | ACCESS CONTROL |
| 2.4.1 Ensure Remote Apple Events Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.2 Ensure Internet Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.3 Ensure Screen Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.4 Ensure Printer Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.5 Ensure Remote Login Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.6 Ensure DVD or CD Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.7 Ensure Bluetooth Sharing Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
| 2.4.8 Ensure File Sharing Is Disabled - AppleFileServer | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.8 Ensure File Sharing Is Disabled - SMB | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.9 Ensure Remote Management Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.11 Ensure AirDrop Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.1 Ensure FileVault Is Enabled | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.2 Ensure all user storage APFS volumes are encrypted | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.2.1 Ensure Gatekeeper is Enabled | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.2.2 Ensure Firewall Is Enabled | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.2.3 Ensure Firewall Stealth Mode Is Enabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.6 Ensure Limit Ad Tracking Is Enabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.7.2 Ensure Time Machine Volumes Are Encrypted | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Ensure Wake for Network Access Is Disabled | CONFIGURATION MANAGEMENT |
| 2.9 Ensure Power Nap Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Secure Keyboard Entry terminal.app is Enabled | CONFIGURATION MANAGEMENT |
| 2.11 Ensure EFI Version Is Valid and Checked Regularly - daemon | SYSTEM AND SERVICES ACQUISITION |
| 2.11 Ensure EFI Version Is Valid and Checked Regularly - integrity-check | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Audit Automatic Actions for Optical Media | CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
| 2.13 Audit Siri Settings | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Audit Sidecar Settings | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.15 Audit Touch ID and Wallet & Apple Pay Settings | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION |
| 3.1 Ensure Security Auditing Is Enabled | AUDIT AND ACCOUNTABILITY |
| 3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_max | AUDIT AND ACCOUNTABILITY |
| 3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttl | AUDIT AND ACCOUNTABILITY |
| 3.4 Ensure Security Auditing Retention Is Enabled | AUDIT AND ACCOUNTABILITY |
| 3.5 Ensure Access to Audit Records Is Controlled - /etc/security/audit_control | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure Access to Audit Records Is Controlled - /var/audit | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure Firewall Logging Is Enabled and Configured | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Show Wi-Fi status in Menu Bar Is Enabled - Show Wi-Fi status in menu bar | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure HTTP Server Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |