Apple introduced Lockdown Mode as a security feature in their 2022 OS releases that provides additional security protection Apple describes as extreme. Users and organizations that suspect some users are targets of advanced attacks must consider using this control. When lockdown mode is enabled, specific trusted websites can be excluded from Lockdown protection if necessary. Rationale: Lockdown Mode was designed by Apple as an aggressive approach to commonly attacked OS features where additional controls could reduce the attack surface. IT systems and devices, including their users, are subject to continuous exploit attempts. Most of that activity is not from an advanced attacker and can be considered background noise to a patched, hardened device. Advanced attackers are of more concern and a risk review to understand organizational targets and use Lockdown Mode where appropriate is necessary. Impact: Lockdown Mode must be tested appropriately for real-world impact on users prior to use. As a new feature there is not sufficient technical reporting on user impacts. Remediation: Graphical Method: Perform the following steps to set Lockdown Mode to your organization's requirements: 1. Open System Settings 2. Select Privacy and Security 3. Set Lockdown Mode to your organization's parameters NOTE: When Lockdown Mode is enabled, some apps and features will function differently, including: Messages – most message attachment types will be blocked, other than certain images, video and audio. Some features, such as links and link previews, will be unavailable. Web browsing – certain complex web technologies will be blocked, which may cause some websites to load more slowly or to not operate correctly. In addition, web fonts may not be displayed, and images may be replaced with a missing image icon. FaceTime – incoming FaceTime calls will be blocked unless you’ve previously called that person or contact. Features such as SharePlay and Live Photos are unavailable. Apple services – incoming invitations for Apple services, such as invitations to manage a home in the Home app, are blocked unless you have invited that person previously. Game Center is also disabled. Photos – when you share photos, location information is excluded. Shared albums are removed from the Photos app, and new Shared Album invitations are blocked. You can still view these shared albums on other devices that haven’t enabled Lockdown Mode. Device connections – to connect your iPhone or iPad to an accessory or another computer, the device needs to be unlocked. To connect your Mac laptop with Apple silicon to an accessory, your Mac needs to be unlocked and you need to provide explicit approval. Wireless connectivity – your device won’t automatically join non-secure Wi-Fi networks and will disconnect from a non-secure Wi-Fi network when you turn on Lockdown Mode. 2G mobile support is turned off. Configuration profiles – configuration profiles can’t be installed, and the device can’t be enrolled in Mobile Device Management or device supervision while in Lockdown Mode. Phone calls and plain text messages will continue to work while Lockdown Mode is enabled. Emergency features, such as SOS emergency calls, will not be affected.

[Yes/No]

Remediation: Graphical Method: Perform the following steps to set Lockdown Mode to your organization's requirements: 1. Open System Settings 2. Select Privacy and Security 3. Set Lockdown Mode to your organization's parameters