Detections
Analytics

DISA STIG Apple Mac OSX 10.5 v1r2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Apple Mac OSX 10.5 v1r2

Updated: 4/2/2021

Authority: DISA STIG

Plugin: Unix

Revision: 1.29

Estimated Item Count: 156

Audit Items

DescriptionCategories
DISA_STIG_MacOSX_10.5_v1r2.audit
OSX00005 - Must have an HFS+ formatted drive.

SYSTEM AND COMMUNICATIONS PROTECTION

OSX00010 - Do not install unnecessary packages.

CONFIGURATION MANAGEMENT

OSX00012 - Verify file permissions

CONFIGURATION MANAGEMENT

OSX00015 - Create administrator accounts with difficult-to-guess names

ACCESS CONTROL

OSX00020 - Maximum password age

IDENTIFICATION AND AUTHENTICATION

OSX00025 - Minimum password age

IDENTIFICATION AND AUTHENTICATION

OSX00030 - Minimum password length

IDENTIFICATION AND AUTHENTICATION

OSX00035/OSX00565 - Create complex passwords for user accounts - 'requiresAlpha'

IDENTIFICATION AND AUTHENTICATION

OSX00035/OSX00565 - Create complex passwords for user accounts - 'requiresMixedCase'

IDENTIFICATION AND AUTHENTICATION

OSX00035/OSX00565 - Create complex passwords for user accounts - 'requiresNumeric'

IDENTIFICATION AND AUTHENTICATION

OSX00035/OSX00565 - Create complex passwords for user accounts - 'requiresSymbol'

IDENTIFICATION AND AUTHENTICATION

OSX00040 - Check newly-created password content for account or user name.

IDENTIFICATION AND AUTHENTICATION

OSX00045 - Account lockout duration

ACCESS CONTROL

OSX00050 - Account lockout threshold

ACCESS CONTROL

OSX00055/OSX00670- Application software updates/Operating System Updates

SYSTEM AND INFORMATION INTEGRITY

OSX00060 - Disable Wi-Fi Support Software - 'AppleAirPort.kext'

CONFIGURATION MANAGEMENT

OSX00060 - Disable Wi-Fi Support Software - 'AppleAirPort2.kext'

CONFIGURATION MANAGEMENT

OSX00060 - Disable Wi-Fi Support Software - 'AppleAirPortFW.kext'

CONFIGURATION MANAGEMENT

OSX00065 - Disable Bluetooth Support Software - 'IOBluetoothFamily.kext'

CONFIGURATION MANAGEMENT

OSX00065 - Disable Bluetooth Support Software - 'IOBluetoothHIDDriver.kext'

CONFIGURATION MANAGEMENT

OSX00070 - Disable Audio Recording Support Software - 'AppleDeviceTreeUpdater.kext'

CONFIGURATION MANAGEMENT

OSX00070 - Disable Audio Recording Support Software - 'AppleOnboardAudio.kext'

CONFIGURATION MANAGEMENT

OSX00070 - Disable Audio Recording Support Software - 'AppleUSBAudio.kext'

CONFIGURATION MANAGEMENT

OSX00070 - Disable Audio Recording Support Software - 'IOAudioFamily.kext'

CONFIGURATION MANAGEMENT

OSX00070 - Disable Audio Recording Support Software - 'VirtualAudioDriver.kext'

CONFIGURATION MANAGEMENT

OSX00075 - Disable Video Recording Support Software - 'Apple_iSight.kext'

CONFIGURATION MANAGEMENT

OSX00075 - Disable Video Recording Support Software - 'AppleUSBVideoSupport.kext'

CONFIGURATION MANAGEMENT

OSX00090 - Remove Infrared (IR) Support

CONFIGURATION MANAGEMENT

OSX00100 - Create an access warning for the login window

ACCESS CONTROL

OSX00105 - Create an access warning for the command line

ACCESS CONTROL

OSX00110 - Restrict sudo usage - 'timestamp_timeout'

ACCESS CONTROL

OSX00110 - Restrict sudo usage - 'tty_tickets'

ACCESS CONTROL

OSX00115 - Securely configure LDAPv3 access
OSX00120 - LDAP Authentication, Use authentication when connecting to LDAPv3.
OSX00121 - Disable clear text passwords for all LDAPv3 directories
OSX00122 - Digitally sign all LDAPv3 packets
OSX00123 - Encrypt all LDAPv3 packets
OSX00124 - LDAPv3 Block man-in-the-middle attacks
OSX00125 - Securely configure Active Directory Access
OSX00135 - Assign POSIX access permissions based on user categories.

CONFIGURATION MANAGEMENT

OSX00140 - Enable security auditing

AUDIT AND ACCOUNTABILITY

OSX00145 - Configure security auditing

AUDIT AND ACCOUNTABILITY

OSX00150 - Enable local logging

AUDIT AND ACCOUNTABILITY

OSX00150 - Enable local logging - count

AUDIT AND ACCOUNTABILITY

OSX00155 - Enable remote logging

AUDIT AND ACCOUNTABILITY

OSX00160 - Install an antivirus tool
OSX00165 - Securely configure /etc/sshd_config - Prevent root login

ACCESS CONTROL

OSX00170 - Securely configure /etc/sshd_config - Login Grace Time

ACCESS CONTROL

OSX00175 - Securely configure /etc/sshd_config - Protocol version

CONFIGURATION MANAGEMENT