[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30477 Download | Alert*

Time synchronization must be enforced on all networked systems. This rule ensures the uniformity of time stamps for information systems with multiple system clocks and systems connected over a network. Audit: Verify the macOS system is configured to enforce time synchronization with the following command: /usr/bin/osascript -l JavaScript << EOS $.NSUserDefaults.alloc.initWithSuite ...

The macOS system must be configured to block access to users who are no longer authorized (i.e., users with revoked certificates). To prevent the use of untrusted certificates, the certificates on a smart card must meet the following criteria: its issuer has a system-trusted certificate, the certificate is not expired, its "valid-after" date is in the past, and it passes Certificate Rev ...

The macOS built-in Mail.app connection to Apple's iCloud service must be disabled. Apple's iCloud service does not provide an organization with enough control over the storage and access of data and, therefore, automated mail synchronization must be controlled by an organization approved service. Audit: Verify the macOS system is configured to disable iCloud Mail with the following comma ...

The macOS system's ability to automatically synchronize a user's passwords to their iCloud account must be disabled. Apple's iCloud service does not provide an organization with enough control over the storage and access of data and, therefore, password management and synchronization must be controlled by an organization approved service. Audit: Verify the macOS system is configured to d ...

The System Settings pane for TouchID must be disabled. Disabling the System Settings pane prevents the users from configuring TouchID. Audit: Verify the macOS system is configured to disable the TouchID System Settings pane with the following command: /usr/bin/profiles show -output stdout-xml | /usr/bin/xmllint --xpath '//key[text()="DisabledSystemSettings"]/following-sibling ...

The macOS system must be configured to disable Bluetooth unless an approved device is connected. NOTE: Information system security officers (ISSOs) may make the risk-based decision not to disable Bluetooth to maintain necessary functionality, but they are advised to first fully weigh the potential risks posed to their organization. Audit: Verify the macOS system is configured to disable ...

TouchID enables the ability to unlock a macOS system with a user's fingerprint. TouchID must be disabled for "Unlocking your Mac" on all macOS devices that are capable of using TouchID. The system must remain locked until the user establishes access using an authorized identification and authentication method. Audit: Verify the macOS system is configured to disable TouchID for ...

The prompt for TouchID during Setup Assistant must be disabled. macOS prompts new users through enabling TouchID during Setup Assistant; this is not essential, and therefore must be disabled to prevent against the risk of individuals electing to enable TouchID to override organizationwide settings. Audit: Verify the macOS system is configured to disable TouchID prompt during Setup Assist ...

Proximity-based password sharing requests must be disabled. The default behavior of macOS is to allow users to request passwords from other known devices (macOS and iOS). This feature must be disabled to prevent passwords from being shared. Audit: Verify the macOS system is configured to disable proximity-based password sharing requests with the following command: /usr/bin/osascript -l ...

If FileVault is enabled, automatic log on must be disabled, so that both FileVault and login window authentication are required. The default behavior of macOS when FileVault is enabled is to automatically log on to the computer once successfully passing user's FileVault credentials. Note: DisableFDEAutoLogin does not have to be set on Apple Silicon-based macOS systems that are smartcard enforced, ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   3047

© SecPod Technologies