The macOS system must restrict the ability of individuals to write to external optical media.
An XCCDF Rule
Description
External writeable media devices must be disabled for users. External optical media devices can be used to exfiltrate sensitive data if an approved data-loss prevention (DLP) solution is not installed.
- ID
- SV-257245r905368_rule
- Version
- APPL-13-005053
- Severity
- Low
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the macOS system to disable writing to external optical media devices by installing the "Restrictions Policy" configuration profile.