Monterey – Allow Smartcard Authentication
Details Smartcard authentication _MUST_ be allowed. The use of smartcard credentials facilitates standardization and reduces the risk of unauthorized access....
- Home
- Security Hardening
- NIST MacOS Monterey V1.0.0 CNSSI 1253
NIST MacOS Monterey V1.0.0 CNSSI 1253
Monterey – Apply Gatekeeper Settings to Block Applications from Unidentified Developers
Details The information system implements cryptographic mechanisms to authenticate software prior to installation. Gatekeeper settings must be configured correctly to...Monterey – Automatically Remove or Disable Emergency Accounts within 72 Hours
Details The macOS is able to be configured to automatically remove or disable emergency accounts within 72 hours or less....Monterey – Automatically Remove or Disable Temporary User Accounts within 72 Hours
Details The macOS is able to be configured to set an automated termination for 72 hours or less for all...Monterey – Configure Audit Log Files Group to Wheel
Details Audit log files _MUST_ have the group set to wheel. The audit service _MUST_ be configured to create log...Monterey – Configure Audit Log Files to be Owned by Root
Details Audit log files _MUST_ be owned by root. The audit service _MUST_ be configured to create log files with...Monterey – Configure Audit Log Files to Mode 440 or Less Permissive
Details The audit service _MUST_ be configured to create log files that are readable only by the root user and...Monterey – Configure Audit Log Files to Not Contain Access Control Lists
Details The audit log files _MUST_ not contain access control lists (ACLs). This rule ensures that audit information and audit...Monterey – Configure Audit Log Folders Group to Wheel
Details Audit log files _MUST_ have the group set to wheel. The audit service _MUST_ be configured to create log...Monterey – Configure Audit Log Folders to be Owned by Root
Details Audit log files _MUST_ be owned by root. The audit service _MUST_ be configured to create log files with...