Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Apple macOS 10.15

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Services

    The best protection against vulnerable software is running less software. This section describes how to review the software which Apple macOS 10.15...
    Group
    Show

  • System Accounting with audit

    The Basic Security Module (BSM) security audit API and file format is Apple's auditing system. The audit() function submits a record to the kernel ...
    Group
    Show

  • Enable audit Service

    The audit service is an essential userspace component of the auditing system, as it is responsible for writing audit records to disk.
    Rule High Severity
    Show

  • Configure auditd

    The <code>auditd</code> program can perform comprehensive monitoring of system activity. This section describes recommended configuration settings ...
    Group
    Show

  • Shutdown System When Auditing Failures Occur

    The macOS system must shut down by default upon audit failure unless availability is an overriding concern.
    Rule Medium Severity
    Show

  • Introduction

    The purpose of this guidance is to provide security configuration recommendations and baselines for the Apple macOS 10.15 operating system. Recomme...
    Group
    Show

  • General Principles

    The following general principles motivate much of the advice in this guide and should also influence any configuration decisions that are not expli...
    Group
    Show

  • Encrypt Transmitted Data Whenever Possible

    Data transmitted over a network, whether wired or wireless, is susceptible to passive monitoring. Whenever practical solutions for encrypting such ...
    Group
    Show

  • Least Privilege

    Grant the least privilege necessary for user accounts and software to perform tasks. For example, <code>sudo</code> can be implemented to limit aut...
    Group
    Show

  • Minimize Software to Minimize Vulnerability

    The simplest way to avoid vulnerabilities in software is to avoid installing that software. Apple macOS 10.15 allows for careful management of the ...
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules