[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 196097 Download | Alert*

SSH _MUST_ be configured with an Active Server Alive Maximum Count set to 900 or less. Setting the Active Server Alive Maximum Count to 900 second will log users out after a 15-minute interval of inactivity.

This setting allows macOS updates to be installed automatically once they are available from Apple. Because patches need to be applied as soon as possible, allowing for automatic updates ensures that the users device is updated in a timely manner rather than be left vulnerable to additional security risks.

The default global umask setting must be set to '027' for user applications. The setting '027' ensures that user created files and directories will be readable, but not writable, by users that share the same group id. Users with a different group id will not be able to read or write those files. This mitigates the risk that unauthorized users might be able to read and write files saved to the syst ...

Allowing guests to connect to shared folders lets users access such folders from different computers on a network. Not allowing guests to connect to shared folders mitigates the risk of an untrusted user doing basic reconnaissance and gaining unauthorized access to the system.

The group of csh init files must be wheel. Use the command chown :0 /etc/csh.cshrc /etc/csh.login /etc/csh.logout to change the group owner as appropriate.

The owner of bash 'init' files must be root. /etc/profile it is used to set system wide environmental variables on users shells. /etc/bashrc file is meant for setting command aliases and functions used by bash shell users. Use chown root /etc/bashrc /etc/profile to to change the owner as appropriate.

The SSH idle timeout interval should be set to an appropriate value.

The macOS system must enforce the limit of time for failed login reset after the account locked out by providing invalid logon attempts by the user.

Enforce Smartcard Authentication for SSH

Remote login service _MUST_ be configured to display a policy banner at login. Displaying a standardized and approved use notification before granting access to the operating system ensures that users are provided with privacy and security notification verbiage that is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.System use n ...


Pages:      Start    8525    8526    8527    8528    8529    8530    8531    8532    8533    8534    8535    8536    8537    8538    ..   19609

© SecPod Technologies