Check: AOSX-10-000070
Apple OS X 10-10 Workstation STIG:
AOSX-10-000070
(in versions v1 r5 through v1 r4)
Title
Wi-Fi support software must be disabled. (Cat II impact)
Discussion
Use of Wi-Fi to connect to unauthorized networks may facilitate the exfiltration of mission data.
Check Content
If the system requires Wi-Fi to connect to an authorized network, this is not applicable. To check if the Wi-Fi network device is disabled, run the following command: sudo networksetup -listallnetworkservices A disabled device will have an asterisk in front of its name. If the Wi-Fi device is missing this asterisk, this is a finding.
Fix Text
To disable the Wi-Fi network device, run the following command: sudo networksetup -setnetworkserviceenabled 'Wi-Fi' off
Additional Identifiers
Rule ID: SV-73971r1_rule
Vulnerability ID: V-59541
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001443 |
The information system protects wireless access to the system using authentication of users and/or devices. |
CCI-001444 |
The information system protects wireless access to the system using encryption. |
CCI-002418 |
The information system protects the confidentiality and/or integrity of transmitted information. |