| 1.3 Enable app update installs | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5 Enable OS X update installs | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is disabled | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is paired | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 2.3.3.9 Ensure Media Sharing Is Disabled | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.10 Ensure Media Sharing Is Disabled | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.4 Disable Printer Sharing | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.8 Disable File Sharing - SMB | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.9 Disable Remote Management - 'ARDAgent file does not exist' | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.12 Ensure Media Sharing Is Disabled | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.12 Ensure Media Sharing Is Disabled | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.12 Ensure Media Sharing Is Disabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - AutoSubmit | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - Siri Opt-In | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.5 Review Application Firewall Rules | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8.2 Time Machine Volumes Are Encrypted | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Pair the remote control infrared receiver if enabled | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | |
| 4.2 Enable 'Show Wi-Fi status in menu bar' | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.3 Check System folder for world writable files | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.2.2 Set a minimum password length | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.4 Complex passwords must contain a Numeric Character - '1 number' | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.9 Require a password to wake the computer from sleep or screen saver | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.11 Disable ability to login to another user's active and locked session | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.12 Create a custom message for the Login Screen | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.14 Do not enter a password-related hint | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000110 - The Arista Multilayer Switch must enforce approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies. | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | ACCESS CONTROL |
| AOSX-13-000334 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-13-000430 - The macOS system must have the security assessment policy subsystem enabled. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-000515 - The macOS system must be configured to disable the iCloud Mail services. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-000517 - The macOS system must be configured to disable the iCloud Notes services. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-000545 - The macOS system must be configured to disable Bonjour multicast advertising. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-000558 - The macOS system must disable iCloud Keychain synchronization. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-000590 - The macOS system must enforce a minimum 15-character password length. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-13-000721 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000750 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000930 - The macOS system logon window must be configured to prompt for username and password, rather than show a list of users. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-000995 - The macOS system must be configured with the sudoers file configured to authenticate users on a per -tty basis. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-001080 - The macOS Application Firewall must be enabled. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-001110 - The macOS system must be configured with all public directories owned by root or an application account. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-001210 - The macOS system must not send IPv4 ICMP redirects by default. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-001325 - The macOS system must enforce account lockout after the limit of three consecutive invalid logon attempts by a user. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-13-001355 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-13-067035 - The macOS system must enable certificate for smartcards. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-13-362149 - The macOS system must prohibit user installation of software without explicit privileged status. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| Apple OSX 10.9 Level 2, version 1.3.0 | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| Apple OSX 10.10 Yosemite Level I, version 1.2.0 | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| DISA_Apple_macOS_15_(Sequoia)_STIG_v1r4.audit from DISA Apple macOS 15 (Sequoia) STIG v1r4 | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | |
| OL6-00-000010 - The Oracle Linux operating system must be a vendor-supported release. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
