| Monterey - Access Control for Mobile Devices | ACCESS CONTROL |
| Monterey - Allow Smartcard Authentication | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Apply Gatekeeper Settings to Block Applications from Unidentified Developers | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Audit Record Reduction and Report Generation - processing | AUDIT AND ACCOUNTABILITY |
| Monterey - Audit Record Reduction and Report Generation - reduction | AUDIT AND ACCOUNTABILITY |
| Monterey - Automatically Remove or Disable Emergency Accounts within 72 Hours | ACCESS CONTROL |
| Monterey - Automatically Remove or Disable Temporary or Emergency User Accounts within 72 Hours | ACCESS CONTROL |
| Monterey - Automatically Remove or Disable Temporary User Accounts within 72 Hours | ACCESS CONTROL |
| Monterey - Configure Apple System Log Files Owned by Root and Group to Wheel | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Apple System Log Files To Mode 640 or Less Permissive | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Audit Capacity Warning | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Failure Notification | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files Group to Wheel | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to be Owned by Root | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Mode 440 or Less Permissive | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Not Contain Access Control Lists | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Audit Log Folder to Not Contain Access Control Lists | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders Group to Wheel | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders to be Owned by Root | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders to Mode 700 or Less Permissive | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Retention to a Minimum of Seven Days | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Automated Flaw Remediation | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Gatekeeper to Disallow End User Override | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Login Window to Prompt for Username and Password | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure macOS to Use an Authorized Time Server | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure SSH ServerAliveInterval option set to 900 or less | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure Sudoers to Authenticate Users on a Per -tty Basis | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure System Log Files Owned by Root and Group to Wheel | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure System Log Files to Mode 640 or Less Permissive | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure System to Audit All Administrative Action Events | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Authorization and Authentication Events | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Deletions of Object Attributes | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Failed Change of Object Attributes | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Failed Program Execution on the System | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Monterey - Configure System to Audit All Failed Read Actions on the System | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Failed Write Actions on the System | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Shut Down Upon Audit Failure | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure the System for Nonlocal Maintenance | MAINTENANCE |
| Monterey - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | ACCESS CONTROL |
| Monterey - Configure the System to Implement Approved Cryptography to Protect Information | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared Resources | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure the System to Protect Memory from Unauthorized Code Execution | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure the System to Separate User and System Functionality - isolate | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure the System to Separate User and System Functionality - separate | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure User Session Lock When a Smart Token is Removed | ACCESS CONTROL |
| Monterey - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Disable Accounts after 35 Days of Inactivity | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
