I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The macOS system must disable proximity-based password sharing requests.
<VulnDiscussion>Proximity-based password sharing requests must be disabled. The default behavior of macOS is to allow users to request passw...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
The macOS system must disable Erase Content and Settings.
<VulnDiscussion>Erase Content and Settings must be disabled.</VulnDiscussion><FalsePositives></FalsePositives><FalseNega...Rule Medium Severity -
SRG-OS-000080-GPOS-00048
<GroupDescription></GroupDescription>Group -
The macOS system must enable Authenticated Root.
<VulnDiscussion>Authenticated Root must be enabled. When Authenticated Root is enabled the macOS is booted from a signed volume that is cryp...Rule Medium Severity -
SRG-OS-000362-GPOS-00149
<GroupDescription></GroupDescription>Group -
The macOS system must prohibit user installation of software into /users/.
<VulnDiscussion>Users must not be allowed to install software into /users/. Allowing users who do not possess explicit privileges to install...Rule Medium Severity -
SRG-OS-000378-GPOS-00163
<GroupDescription></GroupDescription>Group -
The macOS system must authorize USB devices before allowing connection.
<VulnDiscussion>USB devices connected to a Mac must be authorized. [IMPORTANT] ==== This feature is removed if a smart card is paired or sma...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules