Check: AOSX-11-000070
Apple OS X 10-11 STIG:
AOSX-11-000070
(in versions v1 r6 through v1 r3)
Title
Wi-Fi support software must be disabled. (Cat II impact)
Discussion
Use of Wi-Fi to connect to unauthorized networks may facilitate the exfiltration of mission data.
Check Content
If the system requires Wi-Fi to connect to an authorized network, this is not applicable. To check if the Wi-Fi network device is disabled, run the following command: /usr/bin/sudo /usr/sbin/networksetup -listallnetworkservices A disabled device will have an asterisk in front of its name. If the Wi-Fi device is missing this asterisk, this is a finding.
Fix Text
To disable the Wi-Fi network device, run the following command: /usr/bin/sudo /usr/sbin/networksetup -setnetworkserviceenabled "Wi-Fi" off
Additional Identifiers
Rule ID: SV-81987r1_rule
Vulnerability ID: V-67497
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001443 |
The information system protects wireless access to the system using authentication of users and/or devices. |
CCI-001444 |
The information system protects wireless access to the system using encryption. |
CCI-002418 |
The information system protects the confidentiality and/or integrity of transmitted information. |