Apple macOS 14 (Sonoma) Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000033-GPOS-00014
<GroupDescription></GroupDescription>Group -
The macOS system must limit SSH to FIPS-compliant connections.
<VulnDiscussion>SSH must be configured to limit the Ciphers, HostbasedAcceptedAlgorithms, HostKeyAlgorithms, KexAlgorithms, MACs, PubkeyAccep...Rule High Severity -
SRG-OS-000021-GPOS-00005
<GroupDescription></GroupDescription>Group -
The macOS system must set account lockout time to 15 minutes.
<VulnDiscussion>The macOS must be configured to enforce a lockout time period of at least 15 minutes when the maximum number of failed logon ...Rule Medium Severity -
SRG-OS-000029-GPOS-00010
<GroupDescription></GroupDescription>Group -
The macOS system must enforce screen saver timeout.
<VulnDiscussion>The screen saver timeout must be set to 900 seconds or a shorter length of time. This rule ensures that a full session lock ...Rule Medium Severity -
SRG-OS-000080-GPOS-00048
<GroupDescription></GroupDescription>Group -
The macOS system must enable SSH server for remote access sessions.
<VulnDiscussion>Remote access sessions must use encrypted methods to protect unauthorized individuals from gaining access. Satisfies: SRG-OS...Rule Medium Severity -
SRG-OS-000104-GPOS-00051
<GroupDescription></GroupDescription>Group -
The macOS system must disable logon to other user's active and locked sessions.
<VulnDiscussion>The ability to log in to another user's active or locked session must be disabled. macOS has a privilege that can be granted...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules