Details

The information system _IS_ configured to implement approved cryptography to protect information.

Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules that adhere to the higher standards that have been tested, validated, and approved by the federal government.

macOS Catalina has received FIPS validation from the National Institute of Standards and Technology (NIST).

link:https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3858[]

link:https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3859[]

link:https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3811[]

link:https://support.apple.com/en-us/HT201159[]

Solution

The technology inherently meets this requirement. No fix is required.

Supportive Information

The following resource is also helpful.

• https://github.com/usnistgov/macos_security

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.

References

• 800-53|SC-13
• CCE|CCE-84867-1, CCI|CCI-002450

Source

• Tenable.com/audits