Monterey - Configure the System to Implement Approved Cryptography to Protect Information

Information

The information system _IS_ configured to implement approved cryptography to protect information.

Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules that adhere to the higher standards that have been tested, validated, and approved by the federal government.

macOS Big Sur has been submitted to the National Institute of Standards and Technology (NIST) and is in review for the cryptographic module for FIPS 140-3 validation.

link:https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/Modules-In-Process-List[]

link:https://support.apple.com/en-us/HT201159[]

Solution

The technology inherently meets this requirement. No fix is required.

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13, CCE|CCE-90935-8, CCI|CCI-002450

Plugin: Unix

Control ID: 5a7861ceab352eb5869dbb438611105d3ebf882b6e924c4d2252af4d420a380e