1.2.2 - MobileIron - Enable Fraudulent Website Warning | MobileIron - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
1.2.4 - MobileIron - Disable Auto Fill for Names and Passwords | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
1.2.6 - MobileIron - Delete Saved Password Information | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.2.7 - MobileIron - Delete Saved Credit Card Information | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
1.7 Ensure MariaDB is Run Under a Sandbox Environment | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
2.3.2 Secure screen saver corners - bottom right corner | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | ACCESS CONTROL |
2.3.2 Secure screen saver corners - top left corner | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | ACCESS CONTROL |
2.3.2 Secure screen saver corners - top right corner | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | ACCESS CONTROL |
2.5.1 Disable 'Wake for network access' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | ACCESS CONTROL |
2.6.6 Enable Location Services | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
2.6.7 Monitor Location Services Access | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
2.7 Lock Out Accounts if Not Currently in Use | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | ACCESS CONTROL |
2.7.1 iCloud configuration | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
2.7.2 iCloud keychain | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
2.7.3 iCloud Drive | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
2.8.1 Time Machine Auto-Backup | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | CONTINGENCY PLANNING |
2.10 Limit Accepted Transport Layer Security (TLS) Versions | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Java 6 is not the default Java runtime | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
2.12 Ensure Only Approved Ciphers are Used | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
3.4 Enable remote logging for Desktops on trusted networks | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
4.1 Disable Bonjour advertising service | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
4.3 Create network specific locations | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
5.4 Automatically lock the login keychain for inactivity | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.6 Enable OCSP and CRL certificate checking - CRLStyle | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.6 Enable OCSP and CRL certificate checking - OCSPStyle | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.13 Create a Login window banner | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | ACCESS CONTROL |
5.15 Disable Fast User Switching | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | ACCESS CONTROL |
5.16 Secure individual keychain and items | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
5.17 Create specialized keychains for different purposes | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
5.19 Install an approved tokend for smartcard authentication | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.4 Ensure Audit Logging Is Enabled | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
6.4 Safari disable Internet Plugins for global use | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
6.5 Use parental controls for systems that are not centrally managed | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.1 Wireless technology on OS X | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.2 iSight Camera Privacy and Confidentiality Concerns | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.3 Computer Name Considerations | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.4 Software Inventory Considerations | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.7 App Store Automatically download apps purchased on other Macs Considerations | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.8 Extensible Firmware Interface (EFI) password | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.9 Apple ID password reset | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
7.11 App Store Password Settings | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
DKER-EE-001810 - On Linux, a non-AUFS storage driver in the Docker Engine - Enterprise component of Docker Enterprise must be used. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-001830 - The userland proxy capability in the Docker Engine - Enterprise component of Docker Enterprise must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-001890 - The option in Universal Control Plane (UCP) allowing users and administrators to schedule containers on all nodes, including UCP managers and Docker Trusted Registry (DTR) nodes must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-001910 - Periodic data usage and analytics reporting in Universal Control Plane (UCP) must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | CONFIGURATION MANAGEMENT |
JUEX-L2-000050 - The Juniper EX switch must be configured to permit authorized users to select a user session to capture. | DISA Juniper EX Series Layer 2 Switch v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |