Item Search

Name	Audit Name	Plugin	Category
1.1 Verify all Apple provided software is current	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.2 Enable Auto Update Checks	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.2.2 - MobileIron - Enable Fraudulent Website Warning	MobileIron - CIS Apple iOS 9 v1.0.0 L1	MDM	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.2.4 - MobileIron - Disable Auto Fill for Names and Passwords	MobileIron - CIS Apple iOS 9 v1.0.0 L2	MDM	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.2.6 - MobileIron - Delete Saved Password Information	MobileIron - CIS Apple iOS 9 v1.0.0 L2	MDM	ACCESS CONTROL
1.2.7 - MobileIron - Delete Saved Credit Card Information	MobileIron - CIS Apple iOS 8 v1.0.0 L2	MDM	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.3 Enable app update installs	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.4 Enable system data files and security update installs - ConfigDataInstall	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
2.1.1 Disable Bluetooth, if no paired devices exist	CIS Apple OSX 10.9 L1 v1.3.0	Unix
2.1.2 Turn off Bluetooth "Discoverable" mode when not pairing devices	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.2.2 Ensure time set is within appropriate limits	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.2.3 Restrict NTP server to loopback interface	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
2.3.4 Set a screen corner to Start Screen Saver	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
2.4.2 Disable Internet Sharing	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.4.6 Disable DVD or CD Sharing	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.4.8 Disable File Sharing - smb	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.6.1 Enable FileVault - Encryption Status	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.6.1 Enable FileVault - Encryption Type	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.6.2 Enable Gatekeeper	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.6.3 Enable Firewall	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.6.4 Enable Firewall Stealth Mode	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.8.2 Time Machine Volumes Are Encrypted	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
3.1.1 Retain system.log for 90 or more days	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.1.3 Retain authd.log for 90 or more days	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
3.5 Retain install.log for 365 or more days	CIS Apple OSX 10.9 L1 v1.3.0	Unix	AUDIT AND ACCOUNTABILITY
4.5 Ensure ftp server is not running	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissions	CIS Apple OSX 10.9 L1 v1.3.0	Unix	CONFIGURATION MANAGEMENT
5.1.3 Check System Wide Applications for appropriate permissions	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.1.4 Check System folder for world writable files	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.2.1 Configure account lockout threshold	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.2.3 Complex passwords must contain an Alphabetic Character	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.2.4 Complex passwords must contain a Numeric Character	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.2.5 Complex passwords must contain a Symbolic Character	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.7 Do not enable the "root" account	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.8 Disable automatic login	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.9 Require a password to wake the computer from sleep or screen saver	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.12 Create a custom message for the Login Screen	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
6.1.1 Display login window as name and password	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
6.1.2 Disable "Show password hints"	CIS Apple OSX 10.9 L1 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.3 Disable guest account login	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
6.1.4 Disable "Allow guests to connect to shared folders"	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
6.2 Turn on filename extensions	CIS Apple OSX 10.9 L1 v1.3.0	Unix	SYSTEM AND INFORMATION INTEGRITY
CIS_Apple_macOS_12.0_Monterey_v4.0.0_L2.audit from CIS Apple macOS 12.0 Monterey Benchmark v4.0.0	CIS Apple macOS 12.0 Monterey v4.0.0 L2	Unix

Detections

Analytics

Item Search