Item Search

NameAudit NamePluginCategory
1.1 Verify all application software is currentCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.2 Enable Auto UpdateCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'CriticalUpdateInstall'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1.4 Audit Security Keys Used With Apple AccountsCIS Apple macOS 15.0 Sequoia v1.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

2.1.1.4 Audit Security Keys Used With AppleIDsCIS Apple macOS 14.0 Sonoma v2.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

2.1.3 Show Bluetooth status in menu barCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.3.1 Set an inactivity interval of 20 minutes or less for the screen saverCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

2.3.3 Verify Display Sleep is set to a value larger than the Screen SaverCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

2.3.3.10 Ensure Media Sharing Is DisabledCIS Apple macOS 14.0 Sonoma v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 10.14 v2.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.3 Disable Screen SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.7 Disable Bluetooth SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
2.4.12 Ensure Media Sharing Is DisabledCIS Apple macOS 12.0 Monterey v3.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - AutoSubmitCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - Siri Opt-InCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled - SubmissionCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.8 Disable sending diagnostic and usage data to AppleCIS Apple macOS 10.13 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.6.1 Enable FileVault - Encryption TypeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.2 Enable GatekeeperCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.6.4 Enable Firewall Stealth ModeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 0'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.11 Java 6 is not the default Java runtimeCIS Apple macOS 10.12 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

3.1.1 Retain system.log for 90 or more daysCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.1.2 Retain appfirewall.log for 90 or more daysCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network ConnectionsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Defend against Denial of Service AttacksCIS ISC BIND 9.0/9.5 v2.0.0Unix
4.4 Enable Auditing of Process and Privilege EventsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Ensure http server is not runningCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

4.9 Ensure the latest iOS device architecture is used by high-value targetsAirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT

4.9 Ensure the latest iOS device architecture is used by high-value targetsAirWatch - CIS Apple iPadOS 17 Institutionally Owned L2MDM

CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT

4.9 Ensure the latest iOS device architecture is used by high-value targetsMobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT

5.1.3 Check System Wide Applications for appropriate permissionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.2.3 Complex passwords must contain an Alphabetic Character - '1 letter'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Complex passwords must contain an Alphabetic Character - 'Policy Check'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
5.2.3 Complex passwords must contain an Alphabetic Character - 'RequiresAlpha'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
5.2.7 Password AgeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.8 Disable automatic loginCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.11 Disable ability to login to another user's active and locked sessionCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.12 Create a custom message for the Login ScreenCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.14 Do not enter a password-related hintCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.3 Disable guest account loginCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

Big Sur - Disable Remote Apple EventsNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Big Sur - Disable Remote Apple EventsNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

CISC-RT-000680 - The Cisco PE router providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN - VFI with the globally unique VPN ID assigned for each customer VLANDISA STIG Cisco IOS XE Router RTR v3r2Cisco

CONFIGURATION MANAGEMENT

NIST_macOS_Monterey_800-53r5_high_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - 800-53r5 HighUnix
NIST_macOS_Monterey_cnssi-1253_v1.0.0.audit from NIST macOS Monterey v1.0.0NIST macOS Monterey v1.0.0 - CNSSI 1253Unix