Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Verify all application software is currentCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.2 Enable Auto UpdateCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.3 Enable app update installsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'CriticalUpdateInstall'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.5 Enable OS X update installsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devicesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.1.3 Show Bluetooth status in menu barCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.2.2 Ensure time set is within appropriate limitsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
2.3.1 Set an inactivity interval of 20 minutes or less for the screen saverCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

2.3.3 Verify Display Sleep is set to a value larger than the Screen SaverCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

2.4.1 Disable Remote Apple EventsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.3 Disable Screen SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.6 Disable DVD or CD SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - SMBCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management - 'ARDAgent is not running'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.6.3 Enable FirewallCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8.2 Time Machine Volumes Are EncryptedCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.11 Java 6 is not the default Java runtimeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

3.1.3 Retain authd.log for 90 or more daysCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.5 Retain install.log for 365 or more daysCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable 'Show Wi-Fi status in menu bar'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

4.5 Ensure ftp server is not runningCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

5.1.1 Secure Home FoldersCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

5.1.3 Check System Wide Applications for appropriate permissionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.1.4 Check System folder for world writable filesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.2.1 Configure account lockout thresholdCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.2.2 Set a minimum password lengthCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Complex passwords must contain an Alphabetic Character - '1 letter'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Complex passwords must contain a Numeric Character - 'Numeric'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
5.2.5 Complex passwords must contain a Special CharacterCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Complex passwords must contain uppercase and lowercase lettersCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
5.2.8 Password HistoryCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.7 Do not enable the 'root' accountCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.9 Require a password to wake the computer from sleep or screen saverCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.14 Do not enter a password-related hintCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.1 Display login window as name and passwordCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.1.2 Disable 'Show password hints'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.4 Disable 'Allow guests to connect to shared folders' - AFP SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.1.4 Disable 'Allow guests to connect to shared folders' - SMB SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.1.5 Remove Guest home folderCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.2 Turn on filename extensionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

6.3 Disable the automatic run of safe files in SafariCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION