1.2 Ensure Auto Update Is Enabled | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.2 Ensure Auto Update Is Enabled | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
2.1.1.5 Audit Freeform Sync to iCloud | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.3.2 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
5.3.2 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
5.29 Ensure Docker's default bridge docker0 is not used | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | CONFIGURATION MANAGEMENT |
AIOS-12-012200 - Apple iOS users must complete required training. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
AIOS-14-010600 - Apple iOS/iPadOS must implement the management setting: enable USB Restricted Mode. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
APPL-14-000100 The macOS system must disable root logon. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
APPL-14-000180 The macOS system must enable time synchronization daemon. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-14-001003 The macOS system must enable security auditing. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
APPL-14-001012 The macOS system must configure audit log files to be owned by root. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-14-001016 The macOS system must configure audit log files to mode 440 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-14-001024 The macOS system must be configured to audit all failed program execution on the system. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
APPL-14-001140 The macOS system must configure audit_control to not contain access control lists. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-14-002020 The macOS system must disable Siri. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-14-002063 The macOS system must disable the guest account. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-14-002110 The macOS system must disable Bluetooth sharing. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
APPL-14-003008 The macOS system must restrict maximum password lifetime to 60 days. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-14-003051 The macOS system must enforce multifactor authentication for the su command. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-14-003052 The macOS system must enforce multifactor authentication for privilege escalation through the sudo command. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-14-005054 The macOS system must disable TouchID prompt during Setup Assistant. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-14-005060 The macOS system must disable proximity-based password sharing requests. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-15-000012 - The macOS system must automatically remove or disable temporary or emergency user accounts within 72 hours. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
APPL-15-000014 - The macOS system must enforce time synchronization. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-15-000023 - The macOS system must display a policy banner at remote login. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
APPL-15-000030 - The macOS system must configure audit log files to not contain access control lists (ACLs). | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-15-000033 - The macOS system must disable FileVault automatic login. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
APPL-15-000070 - The macOS system must enforce screen saver timeout. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
APPL-15-000090 - The macOS system must disable login to other users' active and locked sessions. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-15-000110 - The macOS system must configure the SSH ServerAliveInterval to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
APPL-15-001001 - The macOS system must be configured to audit all administrative action events. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
APPL-15-001002 - The macOS system must be configured to audit all login and logout events. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
APPL-15-001014 - The macOS system must configure the audit log files group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
APPL-15-002008 - The macOS system must disable the built-in web server. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
APPL-15-002020 - The macOS system must disable Siri. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-15-002036 - The macOS system must disable Privacy Setup services during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-15-002043 - The macOS system must disable iCloud Photo Library. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-15-002063 - The macOS system must disable the guest account. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-15-002068 - The macOS system must secure users' home folders. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
APPL-15-003010 - The macOS system must require a minimum password length of 14 characters. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-15-003011 - The macOS system must require that passwords contain a minimum of one special character. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-15-003014 - The macOS system must remove password hints from user accounts. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-15-003030 - The macOS system must allow smart card authentication. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-15-003051 - The macOS system must enforce multifactor authentication for the su command. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-15-003052 - The macOS system must enforce multifactor authentication for privilege escalation through the sudo command. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-15-003070 - The macOS system must set minimum password lifetime to 24 hours. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
JUEX-RT-000600 - The Juniper router must be configured to have Gratuitous ARP disabled on all external interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Enable Recovery Lock | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
Monterey - Enable Recovery Lock | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |