Detections
Analytics

CIS Apple macOS 11 v1.2.0 L2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Apple macOS 11 v1.2.0 L2

Updated: 6/14/2022

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.4

Estimated Item Count: 47

Audit Items

DescriptionCategories
1.7 Computer Name Considerations.
2.3.2 Secure screen saver corners - bottom left corner
2.3.2 Secure screen saver corners - bottom right corner
2.3.2 Secure screen saver corners - top left corner
2.3.2 Secure screen saver corners - top right corner
2.4.10 Disable Content Caching
2.4.11 Disable Media Sharing
2.5.3 Enable Location Services
2.5.4 Monitor Location Services Access
2.5.5 Disable sending diagnostic and usage data to Apple
2.5.7 Camera Privacy and Confidentiality Concerns
2.6.1 iCloud configuration
2.6.2 iCloud keychain
2.6.3 iCloud Drive
2.6.4 iCloud Drive Document and Desktop sync - Desktop
2.6.4 iCloud Drive Document and Desktop sync - Document
2.7.1 Time Machine Auto-Backup
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all authorization and authentication events'
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all failed write actions where enforcement stopped a file write'
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit failed program execution'
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed administrative events'
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file attribute modification events'
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed login/logout events'
3.7 Software Inventory Considerations
4.1 Disable Bonjour advertising service
4.3 Create network specific locations
4.6 Review Wi-Fi Settings
5.1.4 Check Library folder for world writable files
5.2.3 Complex passwords must contain an Alphabetic Character
5.2.4 Complex passwords must contain a Numeric Character
5.2.5 Complex passwords must contain a Special Character
5.2.6 Complex passwords must uppercase and lowercase letters
5.4 Automatically lock the login keychain for inactivity
5.6 Ensure login keychain is locked when the computer sleeps
5.10 Ensure system is set to hibernate - DestroyFVKeyOnStandby
5.10 Ensure system is set to hibernate - hibernatemode
5.10 Ensure system is set to hibernate - highstandbythreshold
5.10 Ensure system is set to hibernate - standbydelayhigh
5.10 Ensure system is set to hibernate - standbydelaylow
5.14 Create a Login window banner
5.16 Disable Fast User Switching
5.17 Secure individual keychains and items
7.1 Extensible Firmware Interface (EFI) password
7.2 FileVault and Local Account Password Reset using AppleID
7.3 App Store Password Settings
7.5 System information backup to remote computers
CIS_Apple_macOS_11_v1.2.0_L2.audit from CIS Apple macOS 11 Benchmark v1.2.0