Item Search

NameAudit NamePluginCategory
1.1 Verify all Apple provided software is currentCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.2 Enable Auto Update ChecksCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.2.1 - MobileIron - Disable JavaScriptMobileIron - CIS Apple iOS 8 v1.0.0 L2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.2.1 - MobileIron - Disable JavaScriptMobileIron - CIS Apple iOS 9 v1.0.0 L2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.2.3 - MobileIron - Disable Auto Fill for Contact InformationMobileIron - CIS Apple iOS 8 v1.0.0 L2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.2.4 - MobileIron - Disable Auto Fill for Names and PasswordsMobileIron - CIS Apple iOS 8 v1.0.0 L2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.2.5 - MobileIron - Disable Auto Fill for Credit Card InformationMobileIron - CIS Apple iOS 8 v1.0.0 L2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.2.5 - MobileIron - Disable Auto Fill for Credit Card InformationMobileIron - CIS Apple iOS 9 v1.0.0 L2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.2.7 - MobileIron - Delete Saved Credit Card InformationMobileIron - CIS Apple iOS 9 v1.0.0 L2MDM

ACCESS CONTROL

1.3 Enable app update installsCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - ConfigDataInstallCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Turn off Bluetooth, if no paired devices existCIS Apple OSX 10.9 L1 v1.3.0Unix
2.1.2 Turn off Bluetooth "Discoverable" mode when not pairing devicesCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.2.2 Ensure time set is within appropriate limitsCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.2.3 Restrict NTP server to loopback interfaceCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.3.4 Set a screen corner to Start Screen SaverCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.4.2 Disable Internet SharingCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.4.6 Disable DVD or CD SharingCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - smbCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.6.1 Enable FileVault - Encryption StatusCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.2 Enable GatekeeperCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.6.4 Enable Firewall Stealth ModeCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'CIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'CIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

3.5 Retain install.log for 365 or more daysCIS Apple OSX 10.9 L1 v1.3.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Ensure http server is not runningCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

4.5 Ensure ftp server is not runningCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.1.1 Secure Home FoldersCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.2.2 Set a minimum password lengthCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.3 Complex passwords must contain an Alphabetic CharacterCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Complex passwords must contain a Numeric CharacterCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.5 Complex passwords must contain a Symbolic CharacterCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.8 Disable automatic loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.9 Require a password to wake the computer from sleep or screen saverCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

5.10 Require an administrator password to access system-wide preferencesCIS Apple OSX 10.9 L1 v1.3.0Unix

CONFIGURATION MANAGEMENT

5.14 Do not enter a password-related hintCIS Apple OSX 10.9 L1 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.1 Display login window as name and passwordCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.3 Disable guest account loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.4 Disable "Allow guests to connect to shared folders"CIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.2 Turn on filename extensionsCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND INFORMATION INTEGRITY

7.6 Automatic Actions for Optical MediaCIS Apple OSX 10.9 L1 v1.3.0Unix
DKER-EE-001890 - The option in Universal Control Plane (UCP) allowing users and administrators to schedule containers on all nodes, including UCP managers and Docker Trusted Registry (DTR) nodes must be disabled in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-001900 - The Create repository on push option in Docker Trusted Registry (DTR) must be disabled in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-001910 - Periodic data usage and analytics reporting in Universal Control Plane (UCP) must be disabled in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

CONFIGURATION MANAGEMENT

Remote control infrared receiver disabledCIS Apple OSX 10.9 L1 v1.3.0Unix