diff --git a/baselines/cis_lvl1.yaml b/baselines/cis_lvl1.yaml
index aee5e1378..4ee65dbdb 100644
--- a/baselines/cis_lvl1.yaml
+++ b/baselines/cis_lvl1.yaml
@@ -87,6 +87,7 @@ profile:
 - system_settings_firewall_stealth_mode_enable
 - system_settings_guest_access_smb_disable
 - system_settings_guest_account_disable
+ - system_settings_hot_corners_secure
 - system_settings_improve_assistive_voice_disable
 - system_settings_improve_search_disable
 - system_settings_improve_siri_dictation_disable
diff --git a/includes/mscp-data.yaml b/includes/mscp-data.yaml
index 53686bdae..9f098c9b3 100644
--- a/includes/mscp-data.yaml
+++ b/includes/mscp-data.yaml
@@ -97,8 +97,8 @@ titles:
 800-53r5_moderate: NIST SP 800-53 Rev 5 Moderate Impact
 800-53r5_low: NIST SP 800-53 Rev 5 Low Impact
 800-171: NIST 800-171 Rev 3
- cis_lvl1: CIS Apple macOS 26.0 Tahoe v1.0.0 Benchmark (Level 1)
- cis_lvl2: CIS Apple macOS 26.0 Tahoe v1.0.0 Benchmark (Level 2)
+ cis_lvl1: CIS Apple macOS 26.0 Tahoe v1.1.0 Benchmark (Level 1)
+ cis_lvl2: CIS Apple macOS 26.0 Tahoe v1.1.0 Benchmark (Level 2)
 cmmc_lvl1: US CMMC 2.0 Level 1
 cmmc_lvl2: US CMMC 2.0 Level 2
 cisv8: CIS Controls Version 8
diff --git a/rules/audit/audit_retention_configure.yaml b/rules/audit/audit_retention_configure.yaml
index d23829d89..a148adaa1 100644
--- a/rules/audit/audit_retention_configure.yaml
+++ b/rules/audit/audit_retention_configure.yaml
@@ -45,8 +45,8 @@ macOS:
 odv:
 hint: See man audit_control for possible values.
 recommended: 7d
- cis_lvl1: 60d OR 5G
- cis_lvl2: 60d OR 5G
+ cis_lvl1: 30d
+ cis_lvl2: 30d
 stig: 7d
 nlmapgov_base: 180d
 nlmapgov_plus: 180d
diff --git a/rules/supplemental/supplemental_cis_manual.yaml b/rules/supplemental/supplemental_cis_manual.yaml
index a008640b3..87ea127ce 100644
--- a/rules/supplemental/supplemental_cis_manual.yaml
+++ b/rules/supplemental/supplemental_cis_manual.yaml
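Review bot: In rules/audit/audit_retention_configure.yaml the CIS ODV goes from `60d OR 5G` to `30d`, which halves the time window and drops the size condition, and nothing next to the value records why. Shorter audit-log retention narrows what is left for an investigation, so the source of the number should be stated beside it, for example `# CIS ODV follows the benchmark version named in includes/mscp-data.yaml; time-only, no size bound`. The title bump to v1.1.0 in that file suggests the benchmark is the reason, but the hunk itself does not say so. The rule's check and fix text lie outside this hunk; confirm they still read correctly when the substituted value has no `OR` clause.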
@@ -60,8 +60,9 @@ discussion: | 5.2.4 Ensure Complex Password Must Contain Numeric Character Is Configured + 5.2.5 Ensure Complex Password Must Contain Special Character Is Configured + 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured + - 5.3.1 Ensure All User Storage APFS Volumes are Encrypted + - 5.3.2 Ensure All User Storage CoreStorage Volumes are Encrypted + + 5.3.1 Ensure All Internal User storage APFS Volumes Are Encrypted + + 5.3.2 Ensure All APFS And HFS+ External User Storage Volumes Are Encrypted + + 5.3.3 Ensure No FAT32 And ExFAT Drives Are Connected |=== [cols="15%h, 85%a"] diff --git a/rules/system_settings/system_settings_guest_access_smb_disable.yaml b/rules/system_settings/system_settings_guest_access_smb_disable.yaml index 37b722a7f..ca4fc05be 100644 --- a/rules/system_settings/system_settings_guest_access_smb_disable.yaml +++ b/rules/system_settings/system_settings_guest_access_smb_disable.yaml @@ -5,9 +5,9 @@ discussion: | Turning off guest access prevents anonymous users from accessing files shared via SMB. check: | - /usr/bin/defaults read /Library/Preferences/SystemConfiguration/com.apple.smb.server AllowGuestAccess + /usr/sbin/sysadminctl -smbGuestAccess status 2>&1 | /usr/bin/grep -c "SMB guest access disabled" result: - boolean: 0 + integer: 1 fix: | [source,bash] ---- diff --git a/rules/system_settings/system_settings_hot_corners_secure.yaml b/rules/system_settings/system_settings_hot_corners_secure.yaml index c8f55b168..a50824517 100644 --- a/rules/system_settings/system_settings_hot_corners_secure.yaml +++ b/rules/system_settings/system_settings_hot_corners_secure.yaml @@ -49,7 +49,7 @@ references: - 03.01.10 cis: benchmark: - - 2.7.1 (level 2) + - 2.7.1 (level 1) controls v8: - 4.3 cmmc: @@ -57,6 +57,7 @@ references: macOS: - '26.0' tags: + - cis_lvl1 - cis_lvl2 - cisv8 - cnssi-1253_low
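Review bot: The new check in rules/system_settings/system_settings_guest_access_smb_disable.yaml passes only when `sysadminctl -smbGuestAccess status` prints the phrase "SMB guest access disabled" on exactly one line, so compliance now depends on unstructured status text rather than a preference key. With stderr merged by `2>&1`, a reworded message, an error, or the phrase repeated on a second line all make `grep -c` return something other than the expected `integer: 1`. That fails closed, which is the safe direction, but operators will see it as unexplained drift. I would record this in a YAML comment above `check:`, e.g. `# matches sysadminctl status text; any other output, including errors, reports non-compliant`, and confirm the command yields the same line when run in the context the compliance script uses. The `fix:` block starts inside this hunk and continues past it.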