| 2.2.1 Enable 'Set time and date automatically' | AUDIT AND ACCOUNTABILITY |
| 2.3.2 Secure screen saver corners - bottom left corner | ACCESS CONTROL |
| 2.3.2 Secure screen saver corners - bottom right corner | ACCESS CONTROL |
| 2.3.2 Secure screen saver corners - top left corner | ACCESS CONTROL |
| 2.3.2 Secure screen saver corners - top right corner | ACCESS CONTROL |
| 2.5.1 Disable 'Wake for network access' | ACCESS CONTROL |
| 2.5.2 Disable sleeping the computer when connected to power | ACCESS CONTROL |
| 2.6.6 Enable Location Services | CONFIGURATION MANAGEMENT |
| 2.6.7 Monitor Location Services Access | CONFIGURATION MANAGEMENT |
| 2.7.1 iCloud configuration | |
| 2.7.2 iCloud keychain | |
| 2.7.3 iCloud Drive | |
| 2.8.1 Time Machine Auto-Backup | CONTINGENCY PLANNING |
| 2.11 Java 6 is not the default Java runtime | CONFIGURATION MANAGEMENT |
| 2.12 Securely delete files as needed | |
| 3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events' | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events' | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | AUDIT AND ACCOUNTABILITY |
| 3.4 Enable remote logging for Desktops on trusted networks | AUDIT AND ACCOUNTABILITY |
| 4.1 Disable Bonjour advertising service | CONFIGURATION MANAGEMENT |
| 4.3 Create network specific locations | |
| 5.1.4 Check Library folder for world writable files | ACCESS CONTROL |
| 5.4 Automatically lock the login keychain for inactivity | IDENTIFICATION AND AUTHENTICATION |
| 5.5 Ensure login keychain is locked when the computer sleeps | IDENTIFICATION AND AUTHENTICATION |
| 5.6 Enable OCSP and CRL certificate checking - CRLStyle | IDENTIFICATION AND AUTHENTICATION |
| 5.6 Enable OCSP and CRL certificate checking - OCSPStyle | IDENTIFICATION AND AUTHENTICATION |
| 5.13 Create a Login window banner | ACCESS CONTROL |
| 5.15 Disable Fast User Switching | ACCESS CONTROL |
| 5.16 Secure individual keychain and items | |
| 5.17 Create specialized keychains for different purposes | |
| 5.19 Install an approved tokend for smartcard authentication | IDENTIFICATION AND AUTHENTICATION |
| 6.4 Safari disable Internet Plugins for global use | CONFIGURATION MANAGEMENT |
| 6.5 Use parental controls for systems that are not centrally managed | |
| 7.1 Wireless technology on OS X | |
| 7.2 iSight Camera Privacy and Confidentiality Concerns | |
| 7.3 Computer Name Considerations | |
| 7.4 Software Inventory Considerations | |
| 7.5 Firewall Consideration | |
| 7.7 App Store Automatically download apps purchased on other Macs Considerations | |
| 7.8 Extensible Firmware Interface (EFI) password | |
| 7.9 Apple ID password reset | |
| 7.11 App Store Password Settings | |
| Apple OSX 10.11 El Capitan Level 2, version 1.1.0 | CONFIGURATION MANAGEMENT |
