Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Enable Auto Update ChecksCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.2 Turn off Bluetooth "Discoverable" mode when not pairing devicesCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.3.1 Set an inactivity interval of 20 minutes or less for the screen saverCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.3.2 Secure screen saver corners - top left cornerCIS Apple OSX 10.9 L2 v1.3.0Unix

ACCESS CONTROL

2.4.1 Disable Remote Apple EventsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.4.4 Disable Printer SharingCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.4.5 Disable Remote LoginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.4.6 Disable DVD or CD SharingCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.4.7 Disable Bluetooth SharingCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - smbCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.6.1 Enable FileVault - Encryption StatusCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.2 Enable GatekeeperCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.6.3 Enable FirewallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.7 Monitor Location Services AccessCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.8.2 Time Machine Volumes Are EncryptedCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1'CIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'CIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.10 Enable Secure Keyboard Entry in terminal.appCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

3.1.1 Retain system.log for 90 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.1.3 Retain authd.log for 90 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.2 Enable security auditingCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.4 Enable remote logging for Desktops on trusted networksCIS Apple OSX 10.9 L2 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.5 Retain install.log for 365 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Ensure http server is not runningCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.1 Secure Home FoldersCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissionsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.3 Check System Wide Applications for appropriate permissionsCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.2.2 Set a minimum password lengthCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Complex passwords must contain a Numeric CharacterCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.6 Enable OCSP and CRL certificate checking - CRLCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.6 Enable OCSP and CRL certificate checking - OCSPCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.8 Disable automatic loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.10 Require an administrator password to access system-wide preferencesCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.11 Disable ability to login to another user's active and locked sessionCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.14 Do not enter a password-related hintCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.16 Secure individual keychains and itemsCIS Apple OSX 10.9 L2 v1.3.0Unix
5.17 Create specialized keychains for different purposesCIS Apple OSX 10.9 L2 v1.3.0Unix
5.18 Install an approved tokend for smartcard authenticationCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.1 Display login window as name and passwordCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.2 Disable "Show password hints"CIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.4 Disable "Allow guests to connect to shared folders"CIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.4 Use parental controls for systems that are not centrally managedCIS Apple OSX 10.9 L2 v1.3.0Unix
7.1 Wireless technology on OS XCIS Apple OSX 10.9 L2 v1.3.0Unix
7.3 Computer Name ConsiderationsCIS Apple OSX 10.9 L2 v1.3.0Unix
7.8 Extensible Firmware Interface (EFI) passwordCIS Apple OSX 10.9 L2 v1.3.0Unix
7.9 Apple ID password resetCIS Apple OSX 10.9 L2 v1.3.0Unix