Apple macOS 15 (Sequoia) Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The macOS system must configure SSHD unused connection timeout to 900.
If SSHD is enabled, it must be configured with unused connection timeout set to 900. This will set the timeout when there are no open channels within a session. NOTE: /etc/ssh/sshd_config will be...Rule Medium Severity -
SRG-OS-000163-GPOS-00072
Group -
SRG-OS-000279-GPOS-00109
Group -
The macOS system must enforce auto logout after 86400 seconds of inactivity.
Auto logout must be configured to automatically terminate a user session and log out after 86400 seconds of inactivity. NOTE: The maximum that macOS can be configured for autologoff is 86400 secon...Rule Medium Severity -
SRG-OS-000355-GPOS-00143
Group -
SRG-OS-000355-GPOS-00143
Group -
SRG-OS-000064-GPOS-00033
Group -
The macOS system must configure sudo to log events.
Sudo must be configured to log privilege escalation. Without logging privilege escalation, it is difficult to identify attempted attacks because no audit trail is available for forensic investigat...Rule Medium Severity -
SRG-OS-000004-GPOS-00004
Group -
SRG-OS-000032-GPOS-00013
Group -
The macOS system must be configured to audit all login and logout events.
The audit system must be configured to record all attempts to log in and out of the system (lo). Frequently, an attacker that successfully gains access to a system has only gained access to an acc...Rule Medium Severity -
SRG-OS-000037-GPOS-00015
Group -
The macOS system must enable security auditing.
The information system must be configured to generate audit records. Audit records establish what types of events have occurred, when they occurred, and which users were involved. These records ai...Rule Medium Severity -
SRG-OS-000047-GPOS-00023
Group -
The macOS system must be configured to shut down upon audit failure.
The audit service must be configured to shut down the computer if it is unable to audit system events. Once audit failure occurs, user and system activity are no longer recorded, and malicious act...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
SRG-OS-000057-GPOS-00027
Group -
SRG-OS-000057-GPOS-00027
Group -
The macOS system must configure the audit log files group to wheel.
Audit log files must have the group set to wheel. The audit service must be configured to create log files with the correct group ownership to prevent normal users from reading audit logs. Audit ...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.