|Paid content will be excluded from the download.
| Matches : 58172
|The Application Firewall is the built in firewall that comes with Mac OS X and must be enabled. Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.
The system must allow only applications downloaded from the App Store to run. Gatekeeper settings must be configured correctly to only allow the system to run applications downloaded from the Mac App Store. Administrator users will still have the option to override these settings on a per app basis. Gatekeeper is a security feature that ensures that applications must be digitally signed by an Appl ...
The audit service must be configured to require that records are kept for 7 days or longer before deletion when there is no central audit record storage facility. When expire-after is set to 7d, the audit service will not delete audit logs until the log data is at least 7 days old.
Emergency administrator accounts are privileged accounts which are established in response to crisis situations where the need for rapid account activation is required. Therefore, emergency account activation may bypass normal account authorization processes. If these accounts are automatically disabled, system maintenance during emergencies may not be possible, thus adversely affecting system ava ...
The operating system must initiate a session lock after a 15-minute period of inactivity. A screensaver must be enabled and set to require a password to unlock. The timeout should be set to fifteen minutes of inactivity. This mitigates the risk that a user might forget to manually lock the screen before stepping away from the computer. A session time-out lock is a temporary action taken when a use ...
The audit service must be configured to require a minimum percentage of free disk space in order to run. This ensures that audit will notify the administrator that action is required to free up more disk space for audit logs. When minfree is set to 25%, security personnel are notified immediately when the storage volume is 75% full and are able to plan for audit record storage capacity expansion.
Bluetooth devices must not be allowed to wake the computer. If Bluetooth is not required, turn it off. If Bluetooth is necessary, disable allowing Bluetooth devices to wake the computer.
End users must not be able to override Gatekeeper settings. Gatekeeper must be configured with a configuration profile in order to prevent normal users from overriding its setting. If users are allowed to disable Gatekeeper or set it to a less restrictive setting, then it is possible that malware could be introduced into the system. Gatekeeper is a security feature that ensures that applications m ...
Administrator users must never log in directly as root. To assure individual accountability and prevent unauthorized access, logging in as root over a remote connection must be disabled. Administrators should only run commands as root after first authenticating with their individual user names and passwords.
The operating system must retain the session lock until the user reestablishes access using established identification and authentication procedures. Users must be prompted to enter their passwords when unlocking the screensaver. The screensaver acts as a session lock and prevents unauthorized users from accessing the current user's account.
Pages:      Start    8    9    10    11    12    13    14    15    16    17    18    19    20    21    ..   5817
© 2013 SecPod Technologies