1.7 Computer Name Considerations. | |
2.3.2 Secure screen saver corners - bottom left corner | ACCESS CONTROL |
2.3.2 Secure screen saver corners - bottom right corner | ACCESS CONTROL |
2.3.2 Secure screen saver corners - top left corner | ACCESS CONTROL |
2.3.2 Secure screen saver corners - top right corner | ACCESS CONTROL |
2.4.10 Disable Content Caching | CONFIGURATION MANAGEMENT |
2.4.11 Disable Media Sharing | CONFIGURATION MANAGEMENT |
2.5.3 Enable Location Services | |
2.5.4 Monitor Location Services Access | |
2.5.4 Monitor Location Services Access - evaluate application | |
2.5.5 Disable sending diagnostic and usage data to Apple | |
2.5.7 Camera Privacy and Confidentiality Concerns | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 iCloud configuration | CONFIGURATION MANAGEMENT |
2.6.2 iCloud keychain | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
2.6.3 iCloud Drive | CONFIGURATION MANAGEMENT |
2.6.4 iCloud Drive Document and Desktop sync - Desktop | CONFIGURATION MANAGEMENT |
2.6.4 iCloud Drive Document and Desktop sync - Document | CONFIGURATION MANAGEMENT |
2.7.1 Time Machine Auto-Backup | CONTINGENCY PLANNING |
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all authorization and authentication events' | AUDIT AND ACCOUNTABILITY |
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all failed write actions where enforcement stopped a file write' | AUDIT AND ACCOUNTABILITY |
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit failed program execution' | AUDIT AND ACCOUNTABILITY |
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed administrative events' | AUDIT AND ACCOUNTABILITY |
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file attribute modification events' | AUDIT AND ACCOUNTABILITY |
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed login/logout events' | AUDIT AND ACCOUNTABILITY |
3.7 Software Inventory Considerations | SYSTEM AND INFORMATION INTEGRITY |
4.1 Disable Bonjour advertising service | CONFIGURATION MANAGEMENT |
4.3 Create network specific locations | SYSTEM AND COMMUNICATIONS PROTECTION |
4.6 Review Wi-Fi Settings | CONFIGURATION MANAGEMENT |
5.1.4 Check Library folder for world writable files | ACCESS CONTROL |
5.2.3 Complex passwords must contain an Alphabetic Character | IDENTIFICATION AND AUTHENTICATION |
5.2.4 Complex passwords must contain a Numeric Character | IDENTIFICATION AND AUTHENTICATION |
5.2.5 Complex passwords must contain a Special Character | IDENTIFICATION AND AUTHENTICATION |
5.2.6 Complex passwords must uppercase and lowercase letters | IDENTIFICATION AND AUTHENTICATION |
5.4 Automatically lock the login keychain for inactivity | IDENTIFICATION AND AUTHENTICATION |
5.6 Ensure login keychain is locked when the computer sleeps | IDENTIFICATION AND AUTHENTICATION |
5.10 Ensure system is set to hibernate - DestroyFVKeyOnStandby | CONFIGURATION MANAGEMENT |
5.10 Ensure system is set to hibernate - hibernatemode | CONFIGURATION MANAGEMENT |
5.10 Ensure system is set to hibernate - highstandbythreshold | CONFIGURATION MANAGEMENT |
5.10 Ensure system is set to hibernate - standbydelayhigh | CONFIGURATION MANAGEMENT |
5.10 Ensure system is set to hibernate - standbydelaylow | CONFIGURATION MANAGEMENT |
5.14 Create a Login window banner | ACCESS CONTROL |
5.16 Disable Fast User Switching | ACCESS CONTROL |
5.17 Secure individual keychains and items | IDENTIFICATION AND AUTHENTICATION |
5.18 Create specialized keychains for different purposes | IDENTIFICATION AND AUTHENTICATION |
7.1 Extensible Firmware Interface (EFI) password | ACCESS CONTROL |
7.2 FileVault and Local Account Password Reset using AppleID | ACCESS CONTROL |
7.4 App Store Password Settings | CONFIGURATION MANAGEMENT |
7.6 System information backup to remote computers | CONTINGENCY PLANNING |
CIS_Apple_macOS_10.15_v1.3.0_L2.audit from CIS Apple macOS 10.15 Benchmark v1.3.0 | |