[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30475 Download | Alert*

Handoff must be disabled. Handoff allows users to continue working on a document or project when the user switches from one Apple device to another. Disabling Handoff prevents data transfers to unauthorized devices. Audit: Verify the macOS system is configured to disable handoff with the following command: /usr/bin/osascript -l JavaScript << EOS $.NSUserDefaults.alloc.initWithSuit ...

/etc/security/audit_control must not contain Access Control Lists (ACLs). /etc/security/audit_control contains sensitive configuration data about the audit service. This rule ensures that the audit service is configured to be readable and writable only by system administrators in order to prevent normal users from manipulating audit logs. Audit: Verify the macOS system is configured with ...

The macOS built-in Contacts.app connection to Apple's iCloud service must be disabled. Apple's iCloud service does not provide an organization with enough control over the storage and access of data, and, therefore, automated contact synchronization must be controlled by an organization approved service. Audit: Verify the macOS system is configured to disable iCloud Address Book with the ...

The prompt for Siri during Setup Assistant must be disabled. Organizations must apply organizationwide configuration settings. The macOS Siri Assistant Setup prompt guides new users through enabling their own specific Siri settings; this is not essential and, therefore, must be disabled to prevent against the risk of individuals electing Siri settings with the potential to override organizationwid ...

The System Settings pane for Wallet and Apple Pay must be disabled. Disabling the System Settings pane prevents the users from configuring Wallet and Apple Pay. Audit: Verify the macOS system is con figured to disable the System Settings pane for Wallet and Apple Pay with the following command: /usr/bin/profiles show -output stdout-xml | /usr/bin/xmllint --xpath '//key[text()="Dis ...

Enterprise networks may be required to audit all network traffic by policy; therefore, iCloud Private Relay must be disabled. Network administrators can also prevent the use of this feature by blocking DNS resolution of mask.icloud.com and mask-h2.icloud.com. Audit: Verify the macOS system is configured to disable the iCloud Private Relay with the following command: /usr/bin/osascript -l ...

Smart card authentication must be allowed. The use of smart card credentials facilitates standardization and reduces the risk of unauthorized access. When enabled, the smart card can be used for logon, authorization, and screen saver unlocking. Audit: Verify the macOS system is configured to allow smart card authentication with the following command: /usr/bin/osascript -l JavaScript &lt ...

The prompt for Screen Time setup during Setup Assistant must be disabled. Audit: Verify the macOS system is configured to disable Screen Time prompt during Setup Assistant with the following command: /usr/bin/osascript -l JavaScript << EOS $.NSUserDefaults.alloc.initWithSuiteName('com.apple.SetupAssistant.managed')\ .objectForKey('SkipScreenTime').js EOS If the result is not &quo ...

Erase Content and Settings must be disabled. Audit: Verify the macOS system is configured to disable Erase Content and Settings with the following command: /usr/bin/osascript -l JavaScript << EOS $.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess')\ .objectForKey('allowEraseContentAndSettings').js EOS If the result is not "false", this is a finding. ...

The system logs must be configured to be writable by root and readable only by the root user and group wheel. To achieve this, system log files must be configured to mode 640 permissive or less; thereby preventing normal users from reading, modifying, or deleting audit logs. System logs frequently contain sensitive information that could be used by an attacker. Setting the correct permissions miti ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   3047

© SecPod Technologies