CIS Apple OSX 10.11 El Capitan L1 v1.1.0

Audit Details

Name: CIS Apple OSX 10.11 El Capitan L1 v1.1.0

Updated: 4/12/2023

Authority: CIS

Plugin: Unix

Revision: 1.16

Estimated Item Count: 81

File Details

Filename: CIS_OSX_10.11_v1.1.0_L1.audit

Size: 103 kB

MD5: 2411b776376a34844bc4d96daa0fb489
SHA256: d386c5041e6ae33923400527639b7df44458c7e7d90cf389b67318c4d6c369a6

Audit Items

DescriptionCategories
1.1 Verify all Apple provided software is current

SYSTEM AND INFORMATION INTEGRITY

1.2 Enable Auto Update

SYSTEM AND INFORMATION INTEGRITY

1.3 Enable app update installs

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'ConfigDataInstall'

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'CriticalUpdateInstall'

SYSTEM AND INFORMATION INTEGRITY

1.5 Enable OS X update installs

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is disabled

CONFIGURATION MANAGEMENT

2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is paired

CONFIGURATION MANAGEMENT

2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devices

CONFIGURATION MANAGEMENT

2.1.3 Show Bluetooth status in menu bar

CONFIGURATION MANAGEMENT

2.2.2 Ensure time set is within appropriate limits

CONFIGURATION MANAGEMENT

2.2.3 Restrict NTP server to loopback interface - interface ignore wildcard

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.3 Restrict NTP server to loopback interface - interface listen lo

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.3 Restrict NTP server to loopback interface - restrict lo

SYSTEM AND COMMUNICATIONS PROTECTION

2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver

ACCESS CONTROL

2.3.3 Verify Display Sleep is set to a value larger than the Screen Saver

ACCESS CONTROL

2.3.4 Set a screen corner to Start Screen Saver

ACCESS CONTROL

2.4.1 Disable Remote Apple Events

CONFIGURATION MANAGEMENT

2.4.2 Disable Internet Sharing

CONFIGURATION MANAGEMENT

2.4.3 Disable Screen Sharing

CONFIGURATION MANAGEMENT

2.4.4 Disable Printer Sharing

CONFIGURATION MANAGEMENT

2.4.5 Disable Remote Login

ACCESS CONTROL

2.4.6 Disable DVD or CD Sharing

CONFIGURATION MANAGEMENT

2.4.7 Disable Bluetooth Sharing

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - AppleFileServer

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - SMB

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management - 'ARDAgent file does not exist'

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management - 'ARDAgent is not running'

CONFIGURATION MANAGEMENT

2.6.1 Enable FileVault - Encryption Status

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.1 Enable FileVault - Encryption Type

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.2 Enable Gatekeeper

CONFIGURATION MANAGEMENT

2.6.3 Enable Firewall

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.4 Enable Firewall Stealth Mode

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall Rules

SYSTEM AND COMMUNICATIONS PROTECTION

2.8.2 Time Machine Volumes Are Encrypted

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Pair the remote control infrared receiver if enabled
2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1'

CONFIGURATION MANAGEMENT

2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'

ACCESS CONTROL

2.10 Enable Secure Keyboard Entry in terminal.app

CONFIGURATION MANAGEMENT

3.1.1 Retain system.log for 90 or more days

AUDIT AND ACCOUNTABILITY

3.1.2 Retain appfirewall.log for 90 or more days

AUDIT AND ACCOUNTABILITY

3.1.3 Retain authd.log for 90 or more days

AUDIT AND ACCOUNTABILITY

3.2 Enable security auditing

AUDIT AND ACCOUNTABILITY

3.5 Retain install.log for 365 or more days

AUDIT AND ACCOUNTABILITY

4.2 Enable 'Show Wi-Fi status in menu bar'

CONFIGURATION MANAGEMENT

4.4 Ensure http server is not running

CONFIGURATION MANAGEMENT

4.5 Ensure ftp server is not running

CONFIGURATION MANAGEMENT

4.6 Ensure nfs server is not running

CONFIGURATION MANAGEMENT

5.1.1 Secure Home Folders

CONFIGURATION MANAGEMENT

5.1.2 Check System Wide Applications for appropriate permissions

ACCESS CONTROL