Detections
Analytics

CIS Apple macOS 13.0 Ventura v1.0.0 L1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Apple macOS 13.0 Ventura v1.0.0 L1

Updated: 1/9/2024

Authority: CIS

Plugin: Unix

Revision: 1.7

Estimated Item Count: 89

Audit Items

DescriptionCategories
1.1 Ensure All Apple-provided Software Is Current
1.2 Ensure Auto Update Is Enabled
1.3 Ensure Download New Updates When Available Is Enabled
1.4 Ensure Install of macOS Updates Is Enabled
1.5 Ensure Install Application Updates from the App Store Is Enabled
1.6 Ensure Install Security Responses and System Files Is Enabled - ConfigDataInstall
1.6 Ensure Install Security Responses and System Files Is Enabled - CriticalUpdateInstall
1.7 Ensure Software Update Deferment Is Less Than or Equal to 30 Days
2.2.1 Ensure Firewall Is Enabled
2.2.2 Ensure Firewall Stealth Mode Is Enabled
2.3.1.1 Ensure AirDrop Is Disabled
2.3.1.2 Ensure AirPlay Receiver Is Disabled
2.3.2.1 Ensure Set Time and Date Automatically Is Enabled
2.3.2.2 Ensure Time Is Set Within Appropriate Limits
2.3.3.1 Ensure DVD or CD Sharing Is Disabled
2.3.3.2 Ensure Screen Sharing Is Disabled
2.3.3.3 Ensure File Sharing Is Disabled
2.3.3.4 Ensure Printer Sharing Is Disabled
2.3.3.5 Ensure Remote Login Is Disabled
2.3.3.6 Ensure Remote Management Is Disabled
2.3.3.7 Ensure Remote Apple Events Is Disabled
2.3.3.8 Ensure Internet Sharing Is Disabled
2.3.3.11 Ensure Bluetooth Sharing Is Disabled
2.3.4.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled
2.4.1 Ensure Show Wi-Fi status in Menu Bar Is Enabled
2.4.2 Ensure Show Bluetooth Status in Menu Bar Is Enabled
2.5.1 Audit Siri Settings
2.6.3 Ensure Limit Ad Tracking Is Enabled
2.6.4 Ensure Gatekeeper Is Enabled
2.6.5 Ensure FileVault Is Enabled - dontAllowFDEDisable
2.6.5 Ensure FileVault Is Enabled - fdesetup
2.6.7 Ensure an Administrator Password Is Required to Access System-Wide Preferences
2.8.1 Audit Universal Control Settings
2.9.1 Ensure Power Nap Is Disabled for Intel Macs
2.9.2 Ensure Wake for Network Access Is Disabled
2.10.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is Enabled
2.10.2 Ensure a Password is Required to Wake the Computer From Sleep or Screen Saver Is Enabled - askForPassword
2.10.2 Ensure a Password is Required to Wake the Computer From Sleep or Screen Saver Is Enabled - askForPasswordDelay
2.10.3 Ensure a Custom Message for the Login Screen Is Enabled
2.10.4 Ensure Login Window Displays as Name and Password Is Enabled
2.10.5 Ensure Show Password Hints Is Disabled
2.11.1 Ensure Users' Accounts Do Not Have a Password Hint
2.11.2 Audit Touch ID and Wallet & Apple Pay Settings
2.12.1 Ensure Guest Account Is Disabled
2.12.2 Ensure Guest Access to Shared Folders Is Disabled
2.12.3 Ensure Automatic Login Is Disabled
2.13.1 Audit Passwords System Preference Setting
2.14.1 Audit Notification & Focus Settings
3.1 Ensure Security Auditing Is Enabled
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_max