Detections
Analytics
CIS Apple macOS 15.0 Sequoia v1.1.0 L1
Audit Details
Name: CIS Apple macOS 15.0 Sequoia v1.1.0 L1
Updated: 8/12/2025
Authority: CIS
Plugin: Unix
Revision: 1.0
Estimated Item Count: 92
File Details
Filename: CIS_Apple_macOS_15.0_Sequoia_v1.1.0_L1.audit
Size: 300 kB
Audit Items
| Description | Categories |
|---|---|
| 1.1 Ensure All Apple-provided Software Is Current | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2 Ensure Download New Updates When Available Is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Ensure Install of macOS Updates Is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Install Application Updates from the App Store Is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.5 Ensure Install Security Responses and System Files Is Enabled | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Ensure Software Update Deferment Is Less Than or Equal to 30 Days | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.7 Ensure the System is Managed by a Mobile Device Management (MDM) Software | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.2.1 Ensure Firewall Is Enabled | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.2 Ensure Firewall Stealth Mode Is Enabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.1.1 Ensure AirDrop Is Disabled When Not Actively Transferring Files | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.1.2 Ensure AirPlay Receiver Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.2.1 Ensure Set Time and Date Automatically Is Enabled | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 Ensure the Time Service Is Enabled | AUDIT AND ACCOUNTABILITY |
| 2.3.3.1 Ensure Screen Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.2 Ensure File Sharing Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.3 Ensure Printer Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.4 Ensure Remote Login Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.5 Ensure Remote Management Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.6 Ensure Remote Apple Events Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.7 Ensure Internet Sharing Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.10 Ensure Bluetooth Sharing Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
| 2.3.4.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4.1 Ensure Show Wi-Fi status in Menu Bar Is Enabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4.2 Ensure Show Bluetooth Status in Menu Bar Is Enabled | CONFIGURATION MANAGEMENT |
| 2.5.1.1 Ensure External Intelligence Extensions Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.2 Ensure Writing Tools Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.3 Ensure Mail Summarization Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.4 Ensure Notes Summarization Is Disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.2.1 Ensure Siri Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.2.2 Ensure Listen for (Siri) Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.3.1 Ensure Share Mac Analytics Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.3.2 Ensure Improve Siri & Dictation Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.3.3 Ensure Improve Assistive Voice Features Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.3.4 Ensure 'Share with app developers' Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.3.5 Ensure Share iCloud Analytics Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.4 Ensure Limit Ad Tracking Is Enabled | CONFIGURATION MANAGEMENT |
| 2.6.5 Ensure Gatekeeper Is Enabled | SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6 Ensure FileVault Is Enabled | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.8 Ensure an Administrator Password Is Required to Access System-Wide Preferences | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.8.1 Audit Universal Control Settings | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.9.1 Ensure Help Apple Improve Search Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.10.2 Ensure Power Nap Is Disabled for Intel Macs | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.10.3 Ensure Wake for Network Access Is Disabled | CONFIGURATION MANAGEMENT |
| 2.11.1 Ensure an Inactivity Interval of 15 Minutes Or Less for the Screen Saver Is Enabled | ACCESS CONTROL |
| 2.11.2 Ensure Require Password After Screen Saver Begins or Display Is Turned Off Is Enabled for 5 Seconds or Immediately | IDENTIFICATION AND AUTHENTICATION |
| 2.11.3 Ensure a Custom Message for the Login Screen Is Enabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.11.4 Ensure Login Window Displays as Name and Password Is Enabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.11.5 Ensure Show Password Hints Is Disabled | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.12.1 Ensure Users' Accounts Do Not Have a Password Hint | IDENTIFICATION AND AUTHENTICATION |
| 2.12.2 Audit Touch ID | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION |