CIS Apple macOS 10.15 Catalina v3.0.0 L2

Audit Details

Name: CIS Apple macOS 10.15 Catalina v3.0.0 L2

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.3

Estimated Item Count: 40

File Details

Filename: CIS_Apple_macOS_10.15_Catalina_v3.0.0_L2.audit

Size: 245 kB

MD5: 4bc7246e6e8d95db4b6eee3b9e246530
SHA256: 04df0bd61548d76e7b8a6785c6b26877a6d8e7afeb4b1196b2768b1354259a3f

Audit Items

DescriptionCategories
1.8 Ensure Computer Name Does Not Contain PII or Protected Organizational Information

CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT

2.3.2 Ensure Screen Saver Corners Are Secure - bl-corner

ACCESS CONTROL

2.3.2 Ensure Screen Saver Corners Are Secure - br-corner

ACCESS CONTROL

2.3.2 Ensure Screen Saver Corners Are Secure - tl-corner

ACCESS CONTROL

2.3.2 Ensure Screen Saver Corners Are Secure - tr-corner

ACCESS CONTROL

2.4.10 Ensure Content Caching Is Disabled

CONFIGURATION MANAGEMENT

2.4.12 Ensure Media Sharing Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.3 Ensure Location Services Is Enabled - launchctl

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.3 Ensure Location Services Is Enabled - LocationServicesEnabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.4 Audit Location Services Access

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - AutoSubmit

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - Siri Opt-In

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - Submission

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.1 Audit iCloud Keychain

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.2 Audit iCloud Drive

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.2 Audit App Store Password Settings

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.7.1 Ensure Backup Automatically is Enabled If Time Machine Is Enabled

CONTINGENCY PLANNING

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Apple DestroyFVKeyOnStandby

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Apple hibernatemode

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Apple standby

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel DestroyFVKeyOnStandby

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel hibernatemode

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel highstandbythreshold

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel standbydelayhigh

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel standbydelaylow

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.7 Audit Software Inventory

CONFIGURATION MANAGEMENT, MAINTENANCE

4.1 Ensure Bonjour Advertising Services Is Disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.6 Ensure No World Writable Files Exist in the Library Folder

ACCESS CONTROL, MEDIA PROTECTION

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is Configured

IDENTIFICATION AND AUTHENTICATION

5.2.4 Ensure Complex Password Must Contain Numeric Character Is Configured

IDENTIFICATION AND AUTHENTICATION

5.2.5 Ensure Complex Password Must Contain Special Character Is Configured

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured

IDENTIFICATION AND AUTHENTICATION

5.8 Ensure a Login Window Banner Exists - permissions

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.8 Ensure a Login Window Banner Exists - text

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.1.1 Ensure Protect Mail Activity in Mail Is Enabled

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.2.2 Audit History and Remove History Items

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.2.6 Audit Hide IP Address in Safari Setting

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

CIS_Apple_macOS_10.15_Catalina_v3.0.0_L2.audit from CIS Apple macOS 10.15 Catalina Benchmark v3.0.0