| 1.2 Enable Auto Update Checks | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.2 Turn off Bluetooth "Discoverable" mode when not pairing devices | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Show Bluetooth status in menu bar | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 2.3.2 Secure screen saver corners - bottom right corner | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | ACCESS CONTROL |
| 2.3.2 Secure screen saver corners - top left corner | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | ACCESS CONTROL |
| 2.3.2 Secure screen saver corners - top right corner | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | ACCESS CONTROL |
| 2.3.3 Verify Display Sleep is set to a value larger than the Screen Saver | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 2.4.3 Disable Screen Sharing | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.5 Disable Remote Login | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 2.4.6 Disable DVD or CD Sharing | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.8 Disable File Sharing - AppleFileServer | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.8 Disable File Sharing - smb | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.9 Disable Remote Management - 'ARDAgent file does not exist' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.9 Disable Remote Management - 'ARDAgent is not running' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.5.5 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.8 Disable sending diagnostic and usage data to Apple | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.1 Enable FileVault - Encryption Status | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.2 Enable Gatekeeper | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.3 Enable Firewall | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.7 Monitor Location Services Access | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.7.1 iCloud configuration | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 2.7.2 iCloud keychain | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 2.8.2 Time Machine Volumes Are Encrypted | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Pair the remote control infrared receiver if enabled | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | |
| 2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 1' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 Retain appfirewall.log for 90 or more days | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Retain install.log for 365 or more days | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable "Show Wi-Fi status in menu bar" | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.3 Create network specific locations | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 4.6 Ensure nfs server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.9 Ensure the latest iOS device architecture is used by high-value targets | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L2 | MDM | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 5.1.5 Check Library folder for world writable files | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | ACCESS CONTROL |
| 5.2.4 Complex passwords must contain a Numeric Character | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.6 Enable OCSP and CRL certificate checking - CRL | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.6 Enable OCSP and CRL certificate checking - OCSP | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.16 Secure individual keychains and items | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 5.17 Create specialized keychains for different purposes | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 5.18 Install an approved tokend for smartcard authentication | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1.2 Disable "Show password hints" | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1.4 Disable "Allow guests to connect to shared folders" | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 6.1.5 Remove Guest home folder | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 6.3 Disable the automatic run of safe files in Safari | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.4 Use parental controls for systems that are not centrally managed | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 7.1 Wireless technology on OS X | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 7.3 Computer Name Considerations | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 7.6 Automatic Actions for Optical Media | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | |
| 7.8 Extensible Firmware Interface (EFI) password | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 7.9 Apple ID password reset | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| DISA_STIG_Apple_OS_X_10.14_v2r6.audit from DISA Apple OS X 10.14 (Mojave) v2r6 STIG | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | |
