Skip to content

I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • PP-MDF-993300

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must disable "Allow network drive access in Files access".

    &lt;VulnDiscussion&gt;Allowing network drive access by the Files app could lead to the introduction of malware or unauthorized software into the DO...
    Rule Medium Severity
  • PP-MDF-993300

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must disable connections to Siri servers for the purpose of dictation.

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-993300

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must disable connections to Siri servers for the purpose of translation.

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-993300

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must disable copy/paste of data from managed to unmanaged applications.

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333350

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed.

    &lt;VulnDiscussion&gt;DOD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services....
    Rule Medium Severity
  • PP-MDF-993300

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must be configured to disable "Auto Unlock" of the iPhone by an Apple Watch.

    &lt;VulnDiscussion&gt;Auto Unlock allows an Apple Watch to automatically unlock an iPhone or Mac when in close proximity (not available for iPad). ...
    Rule Medium Severity
  • PP-MDF-333250

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must not allow backup to remote systems (iCloud).

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333250

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must not allow backup to remote systems (iCloud document and data synchronization).

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333250

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must not allow backup to remote systems (iCloud Keychain).

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333250

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must not allow backup to remote systems (Cloud Photo Library).

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333250

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Stream or Shared Photo Stream).

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333250

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must not allow backup to remote systems (managed applications data stored in iCloud).

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333250

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must not allow backup to remote systems (enterprise books).

    &lt;VulnDiscussion&gt;If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses...
    Rule Medium Severity
  • PP-MDF-333240

    <GroupDescription></GroupDescription>
    Group
  • Apple iOS/iPadOS 17 must disable "Allow USB drive access in Files app" if the authorizing official (AO) has not approved the use of DOD-approved USB storage drives with iOS/iPadOS devices.

    &lt;VulnDiscussion&gt;Unauthorized use of USB storage drives could lead to the introduction of malware or unauthorized software into the DOD IT inf...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules