Item Search

Name	Audit Name	Plugin	Category
1.1 Verify all Apple provided software is current	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.2 Enable Auto Update Checks	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.3 Enable app update installs	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.4 Enable system data files and security update installs - ConfigDataInstall	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
2.1.1 Disable Bluetooth, if no paired devices exist	CIS Apple OSX 10.9 L1 v1.3.0	Unix
2.1.2 Turn off Bluetooth "Discoverable" mode when not pairing devices	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.2.1 Enable "Set time and date automatically"	CIS Apple OSX 10.9 L2 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
2.2.2 Ensure time set is within appropriate limits	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.2.3 Restrict NTP server to loopback interface	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
2.3.2 Secure screen saver corners - bottom left corner	CIS Apple OSX 10.9 L2 v1.3.0	Unix	ACCESS CONTROL
2.3.2 Secure screen saver corners - top left corner	CIS Apple OSX 10.9 L2 v1.3.0	Unix	ACCESS CONTROL
2.3.4 Set a screen corner to Start Screen Saver	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
2.4.2 Disable Internet Sharing	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.4.6 Disable DVD or CD Sharing	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.4.8 Disable File Sharing - smb	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.6.1 Enable FileVault - Encryption Status	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.6.1 Enable FileVault - Encryption Type	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.6.2 Enable Gatekeeper	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.6.3 Enable Firewall	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.6.4 Enable Firewall Stealth Mode	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.6.6 Enable Location Services	CIS Apple OSX 10.9 L2 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.6.7 Monitor Location Services Access	CIS Apple OSX 10.9 L2 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.11 Java 6 is not the default Java runtime	CIS Apple OSX 10.9 L2 v1.3.0	Unix	CONFIGURATION MANAGEMENT
3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Ensure ftp server is not running	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
5.2.3 Complex passwords must contain an Alphabetic Character	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.2.4 Complex passwords must contain a Numeric Character	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.2.5 Complex passwords must contain a Symbolic Character	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4 Automatically lock the login keychain for inactivity	CIS Apple OSX 10.9 L2 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.5 Ensure login keychain is locked when the computer sleeps	CIS Apple OSX 10.9 L2 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.6 Enable OCSP and CRL certificate checking - CRL	CIS Apple OSX 10.9 L2 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.6 Enable OCSP and CRL certificate checking - OCSP	CIS Apple OSX 10.9 L2 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.7 Do not enable the "root" account	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.9 Require a password to wake the computer from sleep or screen saver	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.13 Create a Login window banner	CIS Apple OSX 10.9 L2 v1.3.0	Unix	ACCESS CONTROL
5.17 Create specialized keychains for different purposes	CIS Apple OSX 10.9 L2 v1.3.0	Unix
5.18 Install an approved tokend for smartcard authentication	CIS Apple OSX 10.9 L2 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.2 Disable "Show password hints"	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.3 Disable guest account login	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
6.1.4 Disable "Allow guests to connect to shared folders"	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
6.2 Turn on filename extensions	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
7.2 iSight Camera Privacy and Confidentiality Concerns	CIS Apple OSX 10.9 L2 v1.3.0	Unix
7.4 Software Inventory Considerations	CIS Apple OSX 10.9 L2 v1.3.0	Unix
DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-200 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must scan all media used for system maintenance prior to use.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	MAINTENANCE

Detections

Analytics

Item Search