2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'

Information

This recommendation pertains to the Safari feature which warns end users about visiting suspected fraudulent websites.

Rationale:

Fraudulent websites masquerade as legitimate instances of financial, business, or other sensitive sites. They are designed to capture user credentials, often through phishing campaigns. Safari's fraudulent website warning feature helps protect end users from such sites.

Solution

Open Apple Configurator.

Open the Configuration Profile.

In the left window pane, click on the Restrictions tab.

In the right window pane, under the tab Apps, check the checkbox for Force fraud warning.

Deploy the Configuration Profile.

See Also

https://workbench.cisecurity.org/benchmarks/6168

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-10, 800-53|CM-11, 800-53|SC-18, CSCv7|7.2

Plugin: MDM

Control ID: 15e85b17cb901459d2c680f0292fad54c561f1e488854369f2842e3b43738553