Detections
Analytics

CIS Apple macOS 10.15 v1.4.0 L1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Apple macOS 10.15 v1.4.0 L1

Updated: 6/28/2022

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.3

Estimated Item Count: 79

Audit Items

DescriptionCategories
1.1 Verify all Apple-provided software is current
1.2 Enable Auto Update
1.3 Enable Download new updates when available
1.4 Enable app update installs
1.5 Enable system data files and security updates install - 'ConfigDataInstall'
1.5 Enable system data files and security updates install - 'CriticalUpdateInstall'
1.6 Enable macOS update installs
2.1.1 Turn off Bluetooth, if no paired devices exist
2.1.2 Show Bluetooth status in menu bar
2.2.1 Enable 'Set time and date automatically' - Set time and date automatically
2.2.2 Ensure time set is within appropriate limits
2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver
2.3.3 Familiarize users with screen lock tools or corner to Start Screen Saver
2.4.1 Disable Remote Apple Events
2.4.2 Disable Internet Sharing
2.4.3 Disable Screen Sharing
2.4.4 Disable Printer Sharing
2.4.5 Disable Remote Login
2.4.6 Disable DVD or CD Sharing
2.4.7 Disable Bluetooth Sharing
2.4.8 Disable File Sharing - AppleFileServer
2.4.8 Disable File Sharing - SMB
2.4.9 Disable Remote Management
2.4.12 Ensure AirDrop Is Disabled
2.5.1.1 Enable FileVault
2.5.1.2 Ensure all user storage APFS volumes are encrypted
2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted
2.5.2.1 Enable Gatekeeper
2.5.2.2 Enable Firewall
2.5.2.3 Enable Firewall Stealth Mode
2.5.6 Limit Ad tracking and personalized Ads
2.7.2 Time Machine Volumes Are Encrypted
2.8 Disable Wake for network access
2.9 Disable Power Nap
2.10 Enable Secure Keyboard Entry in terminal.app
2.11 Ensure EFI version is valid and being regularly checked - daemon
2.11 Ensure EFI version is valid and being regularly checked - integrity-check
2.12 Automatic Actions for Optical Media
2.13 Review Siri Settings
2.14 Review Sidecar Settings
3.1 Enable security auditing
3.3 Retain install.log for 365 or more days with no maximum size - all_max
3.3 Retain install.log for 365 or more days with no maximum size - ttl
3.4 Ensure security auditing retention
3.5 Control access to audit records - /etc/security/audit_control
3.5 Control access to audit records - /var/audit
3.6 Ensure Firewall is configured to log
4.2 Enable 'Show Wi-Fi status in menu bar' - Show Wi-Fi status in menu bar
4.4 Ensure http server is not running
4.5 Ensure nfs server is not running.