Detections
Analytics

CIS Apple macOS 10.12 L1 v1.2.0

Audit Details

Name: CIS Apple macOS 10.12 L1 v1.2.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.7

Estimated Item Count: 76

File Details

Filename: CIS_Apple_macOS_10.12_v1.2.0_Level_1.audit

Size: 145 kB

MD5: 89fc81dda1182cf56e02d622664c0910
SHA256: 52d04a1736297caefe90357e4e639272a83e2ac882a1119d9ea31c640c8cec1c

Audit Items

DescriptionCategories
1.1 Verify all Apple provided software is current

SYSTEM AND INFORMATION INTEGRITY

1.2 Enable Auto Update

SYSTEM AND INFORMATION INTEGRITY

1.3 Enable app update installs

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'ConfigDataInstall'

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'CriticalUpdateInstall'

SYSTEM AND INFORMATION INTEGRITY

1.5 Enable macOS update installs

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Turn off Bluetooth, if no paired devices exist

CONFIGURATION MANAGEMENT

2.1.2 Turn off Bluetooth 'Discoverable' mode when not pairing devices

CONFIGURATION MANAGEMENT

2.1.3 Show Bluetooth status in menu bar

CONFIGURATION MANAGEMENT

2.2.1 Enable 'Set time and date automatically' - Set time and date automatically

AUDIT AND ACCOUNTABILITY

2.2.2 Ensure time set is within appropriate limits

CONFIGURATION MANAGEMENT

2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver

ACCESS CONTROL

2.3.3 Set a screen corner to Start Screen Saver

ACCESS CONTROL

2.4.1 Disable Remote Apple Events

CONFIGURATION MANAGEMENT

2.4.2 Disable Internet Sharing

CONFIGURATION MANAGEMENT

2.4.3 Disable Screen Sharing

CONFIGURATION MANAGEMENT

2.4.4 Disable Printer Sharing

CONFIGURATION MANAGEMENT

2.4.5 Disable Remote Login

ACCESS CONTROL

2.4.6 Disable DVD or CD Sharing

CONFIGURATION MANAGEMENT

2.4.7 Disable Bluetooth Sharing

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - AppleFileServer

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - SMB

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote Management

CONFIGURATION MANAGEMENT

2.5.1 Disable 'Wake for network access' - Wake for network access

ACCESS CONTROL

2.6.1.1 Enable FileVault

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.1.2 Ensure all user storage CoreStorage volumes are encrypted

CONFIGURATION MANAGEMENT

2.6.2 Enable Gatekeeper

CONFIGURATION MANAGEMENT

2.6.3 Enable Firewall

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.4 Enable Firewall Stealth Mode

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall Rules

SYSTEM AND COMMUNICATIONS PROTECTION

2.8.2 Time Machine Volumes Are Encrypted

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Pair the remote control infrared receiver if enabled

ACCESS CONTROL

2.10 Enable Secure Keyboard Entry in terminal.app

CONFIGURATION MANAGEMENT

3.1 Enable security auditing

AUDIT AND ACCOUNTABILITY

3.3 Ensure security auditing retention

AUDIT AND ACCOUNTABILITY

3.4 Control access to audit records - /etc/security/audit_control
3.4 Control access to audit records - /var/audit

AUDIT AND ACCOUNTABILITY

3.5 Retain install.log for 365 or more days

AUDIT AND ACCOUNTABILITY

3.6 Ensure Firewall is configured to log

AUDIT AND ACCOUNTABILITY

4.2 Enable 'Show Wi-Fi status in menu bar' - Show Wi-Fi status in menu bar

CONFIGURATION MANAGEMENT

4.4 Ensure http server is not running

CONFIGURATION MANAGEMENT

4.5 Ensure FTP server is not running

CONFIGURATION MANAGEMENT

4.6 Ensure nfs server is not running

CONFIGURATION MANAGEMENT

5.1.1 Secure Home Folders

CONFIGURATION MANAGEMENT

5.1.2 Check System Wide Applications for appropriate permissions

ACCESS CONTROL

5.1.3 Check System folder for world writable files

ACCESS CONTROL

5.2.1 Configure account lockout threshold

ACCESS CONTROL

5.2.2 Set a minimum password length

IDENTIFICATION AND AUTHENTICATION

5.2.7 Password Age

IDENTIFICATION AND AUTHENTICATION

5.2.8 Password History

IDENTIFICATION AND AUTHENTICATION