2.5.1 Disable 'Wake for network access'

Information

Disabling this feature mitigates the risk of an attacker remotely waking the system and gaining access.

Solution

Perform the following to implement the prescribed state:
Run the following command in Terminal:
sudo pmset -a womp 0
Verify the value returned is 0
Note: The -c flag means 'wall power.' Different settings must be used for other power sources.

See Also

https://workbench.cisecurity.org/files/301

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-11, CSCv6|3.1

Plugin: Unix

Control ID: c6ad7e0688daeb2458d48110d2809ba20cf1dcb8757705c83e27df50f1e979f7