NIST macOS Big Sur v1.4.0 - 800-171

Audit Details

Name: NIST macOS Big Sur v1.4.0 - 800-171

Updated: 4/25/2022

Authority: TNS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 136

File Details

Filename: NIST_macOS_Big_Sur_800-171_v1.4.0.audit

Size: 220 kB

MD5: 284d8d96fe943695439c6e1977441df2
SHA256: 01a15ad9ce5030c590c1b08df42d2f2d0f8b0b30fc74327705a676c7a3a7fb1e

Audit Items

DescriptionCategories
Big Sur - Apply Gatekeeper Settings to Block Applications from Unidentified Developers

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Configure Audit Failure Notification

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files Group to Wheel

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files to be Owned by Root

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files to Mode 440 or Less Permissive

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files to Not Contain Access Control Lists

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Configure Audit Log Folder to Not Contain Access Control Lists

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Folders Group to Wheel

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Folders to be Owned by Root

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Folders to Mode 700 or Less Permissive

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Gatekeeper to Disallow End User Override

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Configure Login Window to Prompt for Username and Password

IDENTIFICATION AND AUTHENTICATION

Big Sur - Configure macOS to Use an Authorized Time Server

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Configure SSH ServerAliveInterval option set to 900 or less

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Configure System to Audit All Administrative Action Events

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Authorization and Authentication Events

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Failed Change of Object Attributes

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Failed Program Execution on the System

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

Big Sur - Configure System to Audit All Failed Read Actions on the System

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Failed Write Actions on the System

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Log In and Log Out Events

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Big Sur - Configure System to Shut Down Upon Audit Failure

AUDIT AND ACCOUNTABILITY

Big Sur - Configure the System for Nonlocal Maintenance

MAINTENANCE

Big Sur - Configure the System to Block Non-Privileged Users from Executing Privileged Functions

ACCESS CONTROL

Big Sur - Configure the System to Implement Approved Cryptography to Protect Information

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared Resources

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Configure the System to Separate User and System Functionality - separate

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Configure User Session Lock When a Smart Token is Removed

ACCESS CONTROL

Big Sur - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable Accounts after 35 Days of Inactivity

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Disable AirDrop

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable Apple ID Setup during Setup Assistant

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable Bluetooth Sharing

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable Bluetooth When no Approved Device is Connected

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable Bonjour Multicast

CONFIGURATION MANAGEMENT

Big Sur - Disable Calendar.app

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable Content Caching Service

CONFIGURATION MANAGEMENT

Big Sur - Disable FaceTime.app

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable FileVault Automatic Login

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Disable Find My Service

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable Guest Access to Shared SMB Folders

ACCESS CONTROL

Big Sur - Disable Handoff

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable Hot Corners

ACCESS CONTROL

Big Sur - Disable iCloud Address Book

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable iCloud Bookmarks

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable iCloud Desktop and Document Folder Sync

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable iCloud Document Sync

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable iCloud Keychain Sync

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable iCloud Mail

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable iCloud Notes

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION