[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255716

 
 

909

 
 

198991

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-85254-1

Platform: cpe:/o:apple:mac_os_11Date: (C)2022-12-28   (M)2023-07-04



The information system _MUST_ be configured to generate audit records. Audit records establish what types of events have occurred, when they occurred, and which users were involved. These records aid an organization in their efforts to establish, correlate, and investigate the events leading up to an outage or attack. The content required to be captured in an audit record varies based on the impact level of an organization system. Content that may be necessary to satisfy this requirement includes, for example, time stamps, source addresses, destination addresses, user identifiers, event descriptions, success/fail indications, filenames involved, and access or flow control rules invoked. The information system initiates session audits at system start-up. Fix: /bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.auditd.plist


Parameter:

[yes/no]


Technical Mechanism:

/bin/launchctl load -w /System/Library/LaunchDaemons/com.apple.auditd.plist

CCSS Severity:CCSS Metrics:
CCSS Score : 5.9Attack Vector: LOCAL
Exploit Score: 2.5Attack Complexity: LOW
Impact Score: 3.4Privileges Required: NONE
Severity: MEDIUMUser Interaction: NONE
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LScope: UNCHANGED
 Confidentiality: LOW
 Integrity: LOW
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:85822


OVAL    1
oval:org.secpod.oval:def:85822
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_11

© SecPod Technologies