Check: APPL-11-000015
Apple macOS 11 (Big Sur) STIG:
APPL-11-000015
(in versions v1 r8 through v1 r4)
Title
The macOS system must utilize an Endpoint Security Solution (ESS) and implement all DoD required modules. (Cat II impact)
Discussion
The macOS system must employ automated mechanisms to determine the state of system components. The DoD requires the installation and use of an approved ESS to be implemented on the operating system. For additional information, reference all applicable ESS OPORDs and FRAGOs on SIPRNET.
Check Content
Verify that an approved ESS is installed on the system. If an approved ESS is not installed, this is a finding. Verify that all installed components of the ESS are at the DoD-approved minimal version. If the installed components are not at the DoD-approved minimal versions, this is a finding.
Fix Text
Install an approved ESS onto the system and ensure that all components are at least updated to their DoD-approved minimal versions.
Additional Identifiers
Rule ID: SV-230754r802346_rule
Vulnerability ID: V-230754
Group Title: SRG-OS-000191-GPOS-00080
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001233 |
The organization employs automated mechanisms on an organization-defined frequency to determine the state of information system components with regard to flaw remediation. |
Controls
Number | Title |
---|---|
SI-2 (2) |
Automated Flaw Remediation Status |