| 1.8 Ensure Computer Name Does Not Contain PII or Protected Organizational Information | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 2.3.2 Ensure Screen Saver Corners Are Secure - bottom left corner | ACCESS CONTROL |
| 2.3.2 Ensure Screen Saver Corners Are Secure - bottom right corner | ACCESS CONTROL |
| 2.3.2 Ensure Screen Saver Corners Are Secure - top left corner | ACCESS CONTROL |
| 2.3.2 Ensure Screen Saver Corners Are Secure - top right corner | ACCESS CONTROL |
| 2.4.10 Ensure Content Caching Is Disabled | CONFIGURATION MANAGEMENT |
| 2.4.12 Ensure Media Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.3 Ensure Location Services Is Enabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.4 Audit Location Services Access | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.1.1 Audit iCloud Keychain | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.1.2 Audit iCloud Drive | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled - Desktop | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled - Document | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.2 Audit App Store Password Settings | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.7.1 Ensure Backup Automatically is Enabled | CONTINGENCY PLANNING |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - DestroyFVKeyOnStandby | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - hibernatemode | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - highstandbythreshold | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - standbydelayhigh | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - standbydelaylow | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements - 'audit all authorization and authentication events' | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements - 'audit all failed write actions where enforcement stopped a file write' | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements - 'audit failed program execution' | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements - 'audit successful/failed administrative events' | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements - 'audit successful/failed file attribute modification events' | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure Security Auditing Flags For User-Attributable Events Are Configured Per Local Organizational Requirements - 'audit successful/failed login/logout events' | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.7 Audit Software Inventory | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.1.6 Ensure No World Writable Files Exist in the Library Folder | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is Configured | IDENTIFICATION AND AUTHENTICATION |
| 5.2.4 Ensure Complex Password Must Contain Numeric Character Is Configured | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Ensure Complex Password Must Contain Special Character Is Configured | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured | IDENTIFICATION AND AUTHENTICATION |
| 5.8 Ensure a Login Window Banner Exists | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.10 Ensure Fast User Switching Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| CIS_Apple_macOS_10.15_v2.1.0_L2.audit from CIS Apple macOS 10.15 Benchmark v2.1.0 | |
