| APPL-26-000001 - The macOS system must prevent Apple Watch from terminating a session lock. | ACCESS CONTROL |
| APPL-26-000002 - The macOS system must enforce screen saver password. | ACCESS CONTROL |
| APPL-26-000003 - The macOS system must enforce session lock no more than five seconds after screen saver is started. | ACCESS CONTROL |
| APPL-26-000005 - The macOS system must configure user session lock when a smart token is removed. | ACCESS CONTROL |
| APPL-26-000007 - The macOS system must disable hot corners. | ACCESS CONTROL |
| APPL-26-000009 - The macOS system must prevent AdminHostInfo from being available at LoginWindow. | ACCESS CONTROL |
| APPL-26-000012 - The macOS system must automatically remove or disable temporary or emergency user accounts within 72 hours. | ACCESS CONTROL |
| APPL-26-000014 - The macOS system must enforce time synchronization. | AUDIT AND ACCOUNTABILITY |
| APPL-26-000022 - The macOS system must limit consecutive failed login attempts to three. | ACCESS CONTROL |
| APPL-26-000023 - The macOS system must display a policy banner at remote login. | ACCESS CONTROL |
| APPL-26-000024 - The macOS system must enforce SSH to display a policy banner. | ACCESS CONTROL |
| APPL-26-000025 - The macOS system must display the Standard Mandatory DOD Notice and Consent Banner at the login window. | ACCESS CONTROL |
| APPL-26-000030 - The macOS system must configure audit log files to not contain access control lists (ACLs). | AUDIT AND ACCOUNTABILITY |
| APPL-26-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs). | AUDIT AND ACCOUNTABILITY |
| APPL-26-000033 - The macOS system must disable FileVault automatic login. | ACCESS CONTROL |
| APPL-26-000051 - The macOS system must configure SSHD ClientAliveInterval to 900. | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000052 - The macOS system must configure SSHD ClientAliveCountMax to 1. | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000053 - The macOS system must set login grace time to 30. | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000054 - The macOS system must limit SSHD to FIPS-compliant connections. | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000057 - The macOS system must limit SSH to FIPS-compliant connections. | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000060 - The macOS system must set account lockout time to 15 minutes. | ACCESS CONTROL |
| APPL-26-000070 - The macOS system must enforce screen saver timeout. | ACCESS CONTROL |
| APPL-26-000090 - The macOS system must disable login to other users' active and locked sessions. | IDENTIFICATION AND AUTHENTICATION |
| APPL-26-000100 - The macOS system must disable root login. | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| APPL-26-000110 - The macOS system must configure the SSH ServerAliveInterval to 900. | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000120 - The macOS system must configure SSHD channel timeout to 900. | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000130 - The macOS system must configure SSHD unused connection timeout to 900. | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000140 - The macOS system must set SSH Active Server Alive Maximum to 0. | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-26-000160 - The macOS system must enforce auto logout after 86400 seconds of inactivity. | ACCESS CONTROL |
| APPL-26-000170 - The macOS system must be configured to use an authorized time server. | AUDIT AND ACCOUNTABILITY |
| APPL-26-000180 - The macOS system must enable the time synchronization daemon. | AUDIT AND ACCOUNTABILITY |
| APPL-26-000190 - The macOS system must configure sudo to log events. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001001 - The macOS system must be configured to audit all administrative action events. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-26-001002 - The macOS system must be configured to audit all login and logout events. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-26-001003 - The macOS system must enable security auditing. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-26-001012 - The macOS system must configure audit log files to be owned by root. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001013 - The macOS system must configure audit log folders to be owned by root. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001014 - The macOS system must configure the audit log files group to wheel. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001015 - The macOS system must configure the audit log folders group to wheel. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001016 - The macOS system must configure audit log files to mode 440 or less permissive. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001017 - The macOS system must configure audit log folders to mode 700 or less permissive. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001020 - The macOS system must be configured to audit all deletions of object attributes. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-26-001021 - The macOS system must be configured to audit all changes of object attributes. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-26-001022 - The macOS system must be configured to audit all failed read actions on the system. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-26-001023 - The macOS system must be configured to audit all failed write actions on the system. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-26-001024 - The macOS system must be configured to audit all failed program execution on the system. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001029 - The macOS system must configure audit retention to seven days. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001030 - The macOS system must configure audit capacity warning. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001031 - The macOS system must configure audit failure notification. | AUDIT AND ACCOUNTABILITY |
| APPL-26-001044 - The macOS system must be configured to audit all authorization and authentication events. | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
