AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-bl-corner | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
AOSX-13-000006 - The macOS system must be configured to disable hot corners - wvous-tr-corner | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
AOSX-13-000010 - The macOS system must initiate a session lock after a 15-minute period of inactivity. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
AOSX-13-000030 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
AOSX-13-000050 - The macOS system must be configured to disable rshd service. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000155 - The macOS system firewall must be configured with a default-deny policy. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
AOSX-13-000195 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system - 'Banner text' | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
AOSX-13-000337 - The macOS system must be configured so that log files must not contain access control lists (ACLs). | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
AOSX-13-000338 - The macOS system must be configured so that log folders must not contain access control lists (ACLs). | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
AOSX-13-000520 - The macOS system must be configured to disable the system preference pane for iCloud. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000535 - The macOS system must be configured to disable Location Services. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000554 - The macOS system must not have a guest account - Guest fdesetup | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000565 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-13-000606 - The macOS system must not use unencrypted FTP. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-13-000780 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AOSX-13-000850 - The macOS system must restrict the ability of individuals to use USB storage devices - alert | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000862 - The macOS system must be configured to not allow iTunes file sharing. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000925 - The macOS system must not allow an unattended or automatic logon to the system. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000950 - The macOS firewall must have logging enabled. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000975 - The macOS system must be configured to disable Remote Apple Events. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-001120 - The macOS system must be configured with the sticky bit set on all public directories. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-001130 - The macOS system must be configured so that users do not have Apple IDs signed into iCloud. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-14-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - allowSimple | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-14-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - minComplexChars | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - enforceSmartCard | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | MAINTENANCE |
AOSX-14-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive - Newsyslog | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
AOSX-15-000005 - The macOS system must be configured to lock the user session when a smart token is removed. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - OpenSSH version | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
AOSX-15-000014 - The macOS system must, for networked systems, compare internal information system clocks at least every 24 hours with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers or a time server designated for the appropriate DoD network (NIPRNet/SIPRNet) and/or the Global Positioning System (GPS) - Network Time Server | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
AOSX-15-000025 - The macOS system must be configured so that any connection to the system must display the Standard Mandatory DoD Notice and Consent Banner before granting GUI access to the system - Banner file | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
AOSX-15-000031 - The macOS system must be configured so that log folders must not contain access control lists (ACLs). | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
AOSX-15-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
AOSX-15-001014 - The macOS system must be configured with audit log files group-owned by wheel. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
AOSX-15-001015 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
AOSX-15-001030 - The macOS system must provide an immediate warning to the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
AOSX-15-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-15-002003 - The macOS system must be configured to disable the Network File System (NFS) daemon unless it is required. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002007 - The macOS system must be configured to disable Internet Sharing. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002014 - The macOS system must be configured to disable iCloud Address Book services. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002023 - The macOS system must be configured to disable the application Calendar. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002038 - The macOS system must be configured to disable the tftp service. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-15-002040 - The macOS system must disable iCloud Keychain synchronization. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002052 - The macOS system must be configured to disable the system preference pane for Wallet & ApplePay - HiddenPreferencePanes | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002060 - The macOS system must allow only applications that have a valid digital signature to run - SPApplicationsDataType | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - DisableBluetooth | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AOSX-15-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another users files - User subdirectory Public Access Control Lists | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - allowSimple | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-15-003011 - The macOS system must enforce password complexity by requiring that at least one special character be used - minComplexChars | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
DISA_Oracle_11g_Instance_v9r1_DB.audit from DISA Oracle Database 11g Instance STIG v9r1 STIG | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
MacOS 10.14 | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | |