Detections
Analytics

CIS Apple macOS 12.0 Monterey v2.1.0 L1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Apple macOS 12.0 Monterey v2.1.0 L1

Updated: 1/9/2024

Authority: CIS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 79

File Details

Filename: CIS_Apple_macOS_12.0_Monterey_v2.1.0_L1.audit

Size: 218 kB

MD5: 8942d2613eae2f2e1a24426572763391
SHA256: f4dcb1ba4978aae7fb71d32d5d8591e9ef70b880a93540c7c8e7dcfc22a4f8b7

Audit Items

DescriptionCategories
1.1 Ensure All Apple-provided Software Is Current
1.2 Ensure Auto Update Is Enabled
1.3 Ensure Download New Updates When Available Is Enabled
1.4 Ensure Installation of App Update Is Enabled
1.5 Ensure System Data Files and Security Updates Are Downloaded Automatically Is Enabled
1.6 Ensure Install of macOS Updates Is Enabled
1.7 Ensure Software Update Deferment Is Less Than or Equal to 30 Days
2.1.1 Ensure Show Bluetooth Status in Menu Bar Is Enabled
2.1.2 Ensure Show Wi-Fi status in Menu Bar Is Enabled
2.2.1 Ensure 'Set time and date automatically' Is Enabled
2.2.2 Ensure Time Is Set Within Appropriate Limits
2.3.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is Enabled
2.4.1 Ensure Remote Apple Events Is Disabled
2.4.2 Ensure Internet Sharing Is Disabled
2.4.3 Ensure Screen Sharing Is Disabled
2.4.4 Ensure Printer Sharing Is Disabled
2.4.5 Ensure Remote Login Is Disabled
2.4.6 Ensure DVD or CD Sharing Is Disabled
2.4.7 Ensure Bluetooth Sharing Is Disabled
2.4.8 Ensure File Sharing Is Disabled
2.4.9 Ensure Remote Management Is Disabled
2.4.11 Ensure AirDrop Is Disabled When Not Actively Transferring Files
2.4.13 Ensure AirPlay Receiver Is Disabled
2.5.1.1 Ensure FileVault Is Enabled
2.5.1.2 Ensure all user storage APFS volumes are encrypted
2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted
2.5.2.1 Ensure Firewall Is Enabled
2.5.2.2 Ensure Firewall Stealth Mode Is Enabled
2.5.6 Ensure Limit Ad Tracking Is Enabled
2.5.7 Ensure Gatekeeper Is Enabled
2.5.8 Ensure a Custom Message for the Login Screen Is Enabled
2.5.9 Ensure an Administrator Password Is Required to Access System-Wide Preferences
2.5.10 Ensure a Password is Required to Wake the Computer From Sleep or Screen Saver Is Enabled
2.7.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled
2.8.2 Ensure Wake for Network Access Is Disabled
2.8.3 Ensure Power Nap Is Disabled for Intel Macs
2.9 Ensure Legacy EFI Is Valid and Updating
2.10 Audit Siri Settings
2.11 Audit Universal Control Settings
2.12 Audit Touch ID
2.13 Audit Notification & Focus Settings
2.14 Audit Passwords System Preference Setting
3.1 Ensure Security Auditing Is Enabled
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size
3.4 Ensure Security Auditing Retention Is Enabled
3.5 Ensure Access to Audit Records Is Controlled
3.6 Ensure Firewall Logging Is Enabled and Configured
4.2 Ensure HTTP Server Is Disabled
4.3 Ensure NFS Server Is Disabled
5.1.1 Ensure Home Folders Are Secure