Detections
Analytics

CIS Apple macOS 13.0 Ventura v2.0.0 L1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Apple macOS 13.0 Ventura v2.0.0 L1

Updated: 7/29/2024

Authority: CIS

Plugin: Unix

Revision: 1.3

Estimated Item Count: 87

File Details

Filename: CIS_Apple_macOS_13.0_Ventura_v2.0.0_L1.audit

Size: 214 kB

MD5: afdc8ad4751ae0236b40efea4aa0c603
SHA256: 45ff4561fefb782cfa8607984c95bcbb1f1078d974a7ea7605e285e4db1cdcf3

Audit Items

DescriptionCategories
1.1 Ensure All Apple-provided Software Is Current
1.2 Ensure Auto Update Is Enabled
1.3 Ensure Download New Updates When Available Is Enabled
1.4 Ensure Install of macOS Updates Is Enabled
1.5 Ensure Install Application Updates from the App Store Is Enabled
1.6 Ensure Install Security Responses and System Files Is Enabled
1.7 Ensure Software Update Deferment Is Less Than or Equal to 30 Days
1.8 Ensure the System is Managed by a Mobile Device Management (MDM) Software
2.2.1 Ensure Firewall Is Enabled
2.2.2 Ensure Firewall Stealth Mode Is Enabled
2.3.1.1 Ensure AirDrop Is Disabled When Not Actively Transferring Files
2.3.1.2 Ensure AirPlay Receiver Is Disabled
2.3.2.1 Ensure Set Time and Date Automatically Is Enabled
2.3.2.2 Ensure Time Is Set Within Appropriate Limits
2.3.3.1 Ensure DVD or CD Sharing Is Disabled
2.3.3.2 Ensure Screen Sharing Is Disabled
2.3.3.3 Ensure File Sharing Is Disabled
2.3.3.4 Ensure Printer Sharing Is Disabled
2.3.3.5 Ensure Remote Login Is Disabled
2.3.3.6 Ensure Remote Management Is Disabled
2.3.3.7 Ensure Remote Apple Events Is Disabled
2.3.3.8 Ensure Internet Sharing Is Disabled
2.3.3.11 Ensure Bluetooth Sharing Is Disabled
2.3.4.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled
2.4.1 Ensure Show Wi-Fi status in Menu Bar Is Enabled
2.4.2 Ensure Show Bluetooth Status in Menu Bar Is Enabled
2.5.1 Audit Siri Settings
2.5.2 Ensure Listen for 'Hey Siri' Is Disabled
2.6.4 Ensure Limit Ad Tracking Is Enabled
2.6.5 Ensure Gatekeeper Is Enabled
2.6.6 Ensure FileVault Is Enabled
2.6.8 Ensure an Administrator Password Is Required to Access System-Wide Preferences
2.8.1 Audit Universal Control Settings
2.9.2 Ensure Power Nap Is Disabled for Intel Macs
2.9.3 Ensure Wake for Network Access Is Disabled
2.10.1 Ensure an Inactivity Interval of 20 Minutes Or Less for the Screen Saver Is Enabled
2.10.2 Ensure Require Password After Screen Saver Begins or Display Is Turned Off Is Enabled for 5 Seconds or Immediately
2.10.3 Ensure a Custom Message for the Login Screen Is Enabled
2.10.4 Ensure Login Window Displays as Name and Password Is Enabled
2.10.5 Ensure Show Password Hints Is Disabled
2.11.1 Ensure Users' Accounts Do Not Have a Password Hint
2.11.2 Audit Touch ID
2.12.1 Ensure Guest Account Is Disabled
2.12.2 Ensure Guest Access to Shared Folders Is Disabled
2.12.3 Ensure Automatic Login Is Disabled
2.13.1 Audit Passwords System Preference Setting
2.15.1 Audit Notification & Focus Settings
2.17.1 Audit Internet Accounts for Authorized Use
2.18.1 Audit Dictation
3.1 Ensure Security Auditing Is Enabled