Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Verify all Apple provided software is currentCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - ConfigDataInstallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - CriticalUpdateInstallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Disable Bluetooth, if no paired devices existCIS Apple OSX 10.9 L1 v1.3.0Unix
2.2.1 Enable "Set time and date automatically"CIS Apple OSX 10.9 L2 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

2.2.2 Ensure time set is within appropriate limitsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.2.3 Restrict NTP server to loopback interfaceCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.3.1 Set an inactivity interval of 20 minutes or less for the screen saverCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.3.2 Secure screen saver corners - top left cornerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.3.2 Secure screen saver corners - top right cornerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.4.8 Disable File Sharing - smbCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management - 'ARDAgent is not running'CIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.5.1 Disable "Wake for network access"CIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.5.2 Disable sleeping the computer when connected to powerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.6.2 Enable GatekeeperCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.6.6 Enable Location ServicesCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.6.7 Monitor Location Services AccessCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.7.2 iCloud keychainCIS Apple OSX 10.9 L2 v1.3.0Unix
2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1'CIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'CIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.11 Java 6 is not the default Java runtimeCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Ensure http server is not runningCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissionsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.5 Check Library folder for world writable filesCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

5.2.2 Set a minimum password lengthCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Complex passwords must contain an Alphabetic CharacterCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.6 Enable OCSP and CRL certificate checking - OCSPCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.7 Do not enable the "root" accountCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.9 Require a password to wake the computer from sleep or screen saverCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.13 Create a Login window bannerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

5.14 Do not enter a password-related hintCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.15 Disable Fast User SwitchingCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

5.18 Install an approved tokend for smartcard authenticationCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.1 Display login window as name and passwordCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.2 Disable "Show password hints"CIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.3 Disable guest account loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.4 Disable "Allow guests to connect to shared folders"CIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.5 Remove Guest home folderCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.2 Turn on filename extensionsCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.3 Disable the automatic run of safe files in SafariCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.4 Use parental controls for systems that are not centrally managedCIS Apple OSX 10.9 L2 v1.3.0Unix
7.2 iSight Camera Privacy and Confidentiality ConcernsCIS Apple OSX 10.9 L2 v1.3.0Unix
7.4 Software Inventory ConsiderationsCIS Apple OSX 10.9 L2 v1.3.0Unix
7.6 Automatic Actions for Optical MediaCIS Apple OSX 10.9 L1 v1.3.0Unix
7.8 Extensible Firmware Interface (EFI) passwordCIS Apple OSX 10.9 L2 v1.3.0Unix
DTAVSEL-009 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being read from disk.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-015 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when programs and jokes are found.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

IBMW-LS-001120 - The WebSphere Liberty Server must be configured to use HTTPS only.DISA IBM WebSphere Liberty Server STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION