Monterey - Ensure Secure Boot Level Set to Full

Information

The Secure Boot security setting _MUST_ be set to full.

Full security is the default Secure Boot setting in macOS. During startup, when Secure Boot is set to full security, the Mac will verify the integrity of the operating system before allowing the operating system to boot.

NOTE: This will only return a proper result on a T2 or Apple Silicon Macs.

Solution

NOTE: Boot into Recovery Mode and enable Full Secure Boot

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-6, 800-53|SI-7, 800-53|SI-7(1), 800-53|SI-7(5), CCE|CCE-90996-0

Plugin: Unix

Control ID: f7a688d80cc271ccfb23bd8a427762f444e00f22d21f24ae24984c25697a1a89