Catalina – Configure Audit Log Folders Group to Wheel
Details Audit log files _MUST_ have the group set to wheel. The audit service _MUST_ be configured to create log...
- Home
- Security Hardening
- NIST MacOS Catalina V1.5.0 All Profiles
NIST MacOS Catalina V1.5.0 All Profiles
Catalina – Configure Audit Log Folders to be Owned by Root
Details Audit log files _MUST_ be owned by root. The audit service _MUST_ be configured to create log files with...Catalina – Configure Audit Log Folders to Mode 700 or Less Permissive
Details The audit log folder _MUST_ be configured to mode 700 or less permissive so that only the root user...Catalina – Configure Audit Log Folder to Not Contain Access Control Lists
Details The audit log folder _MUST_ not contain access control lists (ACLs). Audit logs contain sensitive data about the system...Catalina – Configure Audit Retention to a Minimum of Seven Days
Details The audit service _MUST_ be configured to require records be kept for seven days or longer before deletion, unless...Catalina – Configure Automated Flaw Remediation
Details The macOS system _MUST_ be configured to determine the state of system components with regard to flaw remediation. NOTE:...Catalina – Configure Gatekeeper to Disallow End User Override
Details Gatekeeper _MUST_ be configured with a configuration profile to prevent normal users from overriding its settings. If users are...Catalina – Configure Login Window to Prompt for Username and Password
Details The login window _MUST_ be configured to prompt all users for both a username and a password. By default,...Catalina – Configure macOS to Use an Authorized Time Server
Details Approved time servers _MUST_ be the only servers configured for use. This rule ensures the uniformity of time stamps...Catalina – Configure SSH ServerAliveInterval option set to 900 or less
Details SSH _MUST_ be configured with an Active Server Alive Maximum Count set to 900 or less. Setting the Active...