CIS Apple macOS 10.13 L2 v1.1.0

Audit Details

Name: CIS Apple macOS 10.13 L2 v1.1.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.7

Estimated Item Count: 47

File Details

Filename: CIS_Apple_macOS_10.13_v1.1.0_Level_2.audit

Size: 101 kB

MD5: 531d2dd834c0b8a1b1f89341fe59c8d8
SHA256: e52c359dd8911703f938614857fcbb1bb14a776580f086dcf7e2c8f641e936ae

Audit Items

DescriptionCategories
2.3.2 Secure screen saver corners - bottom left corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - bottom right corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - top left corner

ACCESS CONTROL

2.3.2 Secure screen saver corners - top right corner

ACCESS CONTROL

2.4.10 Disable Content Caching

CONFIGURATION MANAGEMENT

2.5.6 Enable Location Services

CONFIGURATION MANAGEMENT

2.5.7 Monitor Location Services Access

CONFIGURATION MANAGEMENT

2.5.8 Disable sending diagnostic and usage data to Apple

CONFIGURATION MANAGEMENT

2.6.1 iCloud configuration

ACCESS CONTROL

2.6.2 iCloud keychain

ACCESS CONTROL

2.6.3 iCloud Drive

ACCESS CONTROL

2.6.4 iCloud Drive Document and Desktop sync - desktop

CONFIGURATION MANAGEMENT

2.6.4 iCloud Drive Document and Desktop sync - document

CONFIGURATION MANAGEMENT

2.7.1 Time Machine Auto-Backup

CONTINGENCY PLANNING

2.11 Java 6 is not the default Java runtime

CONFIGURATION MANAGEMENT

2.12 Securely delete files as needed

CONFIGURATION MANAGEMENT

3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all failed events across all audit classes'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed administrative events'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file attribute modification events'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file deletion events'

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed login/logout events'

AUDIT AND ACCOUNTABILITY

4.1 Disable Bonjour advertising service

CONFIGURATION MANAGEMENT

4.3 Create network specific locations

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.4 Check Library folder for world writable files

ACCESS CONTROL

5.2.3 Complex passwords must contain an Alphabetic Character
5.2.4 Complex passwords must contain a Numeric Character

IDENTIFICATION AND AUTHENTICATION

5.2.5 Complex passwords must contain a Special Character
5.2.6 Complex passwords must uppercase and lowercase letters
5.4 Automatically lock the login keychain for inactivity

ACCESS CONTROL

5.6 Ensure login keychain is locked when the computer sleeps

IDENTIFICATION AND AUTHENTICATION

5.10 Ensure system is set to hibernate

CONFIGURATION MANAGEMENT

5.14 Create a Login window banner

ACCESS CONTROL

5.16 Disable Fast User Switching

ACCESS CONTROL

5.17 Secure individual keychains and items

IDENTIFICATION AND AUTHENTICATION

5.18 Create specialized keychains for different purposes

IDENTIFICATION AND AUTHENTICATION

6.4 Use parental controls for systems that are not centrally managed

ACCESS CONTROL

7.1 Wireless technology on macOS

ACCESS CONTROL

7.2 iSight Camera Privacy and Confidentiality Concerns

CONFIGURATION MANAGEMENT

7.3 Computer Name Considerations

CONFIGURATION MANAGEMENT

7.4 Software Inventory Considerations

CONFIGURATION MANAGEMENT

7.5 Firewall Consideration

CONFIGURATION MANAGEMENT

7.7 App Store Automatically download apps purchased on other Macs Considerations

CONFIGURATION MANAGEMENT

7.8 Extensible Firmware Interface (EFI) password

CONFIGURATION MANAGEMENT

7.9 FileVault and Local Account Password Reset using AppleID

ACCESS CONTROL

7.11 App Store Password Settings

ACCESS CONTROL, CONFIGURATION MANAGEMENT

7.14 System information backup to remote computers

CONTINGENCY PLANNING

CIS_Apple_macOS_10.13_v1.1.0_Level_2.audit from CIS Apple macOS 10.13 Benchmark v1.1.0