CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1

Updated: 5/5/2025

Authority: CIS

Plugin: Unix

Revision: 1.2

Estimated Item Count: 49

File Details

Filename: CIS_Apple_macOS_12.0_Monterey_Cloud-tailored_v1.0.0_L1.audit

Size: 86.9 kB

MD5: 694456415feaf11b4b21b0a3bc7d8103
SHA256: f9bf48b75c1970b9de73678f1b3604ce099c0a456dd0d17faa509f33d6f686b3

Audit Items

DescriptionCategories
1.1 Ensure All Apple-provided Software Is Current
1.2 Ensure Auto Update Is Enabled
1.3 Ensure Download New Updates When Available Is Enabled
1.4 Ensure Installation of App Update Is Enabled
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled
1.6 Ensure Install of macOS Updates Is Enabled
2.1.1 Ensure "Set time and date automatically" Is Enabled
2.1.2 Ensure Time Is Set Within Appropriate Limits
2.2.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is Enabled
2.3.1 Ensure Remote Apple Events Is Disabled
2.3.2 Ensure File Sharing Is Disabled
2.4.1.1 Ensure Firewall Is Enabled
2.4.1.2 Ensure Firewall Stealth Mode Is Enabled
2.4.3 Ensure Limit Ad Tracking Is Enabled
2.4.4 Ensure Gatekeeper Is Enabled
2.4.5 Ensure a Custom Message for the Login Screen Is Enabled
2.4.6 Ensure a Password is Required to Wake the Computer From Sleep or Screen Saver Is Enabled
3.1 Ensure Security Auditing Is Enabled
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size
3.4 Ensure Security Auditing Retention Is Enabled
3.5 Ensure Access to Audit Records Is Controlled
3.6 Ensure Firewall Logging Is Enabled and Configured
4.2 Ensure HTTP Server Is Disabled
4.3 Ensure NFS Server Is Disabled
5.1.1 Ensure Home Folders Are Secure
5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled
5.1.3 Ensure Apple Mobile File Integrity (AMFI) Is Enabled
5.1.4 Ensure Signed System Volume (SSV) Is Enabled
5.1.5 Ensure Appropriate Permissions Are Enabled for System Wide Applications
5.1.6 Ensure No World Writable Files Exist in the System Folder
5.2.1 Ensure Password Account Lockout Threshold Is Configured
5.2.2 Ensure Password Minimum Length Is Configured
5.2.7 Ensure Password Age Is Configured
5.2.8 Ensure Password History Is Configured
5.3 Ensure the Sudo Timeout Period Is Set to Zero
5.4 Ensure a Separate Timestamp Is Enabled for Each User/tty Combo
5.5 Ensure the "root" Account Is Disabled
5.6 Ensure Automatic Login Is Disabled
5.7 Ensure an Administrator Account Cannot Log In to Another User's Active and Locked Session
5.9 Ensure Users' Accounts Do Not Have a Password Hint
5.10 Ensure Secure Keyboard Entry Terminal.app Is Enabled
5.11 Ensure XProtect Is Running and Updated
6.1.1 Ensure Login Window Displays as Name and Password Is Enabled
6.1.2 Ensure Show Password Hints Is Disabled
6.1.3 Ensure Guest Account Is Disabled
6.1.4 Ensure Guest Access to Shared Folders Is Disabled
6.1.5 Ensure the Guest Home Folder Does Not Exist
6.2 Ensure Show All Filename Extensions Setting is Enabled
CIS_Apple_macOS_12.0_Monterey_Cloud-tailored_v1.0.0_L1.audit from CIS Apple macOS 12.0 Monterey Cloud-tailored Benchmark v1.0.0