STIGQter: STIG Summary: Apple OS X 10.14 (Mojave) Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The macOS system must be configured to disable the application FaceTime.

DISA Rule

SV-209575r610285_rule

Vulnerability Number

V-209575

Group Title

SRG-OS-000095-GPOS-00049

Rule Version

AOSX-14-002010

Severity

CAT III

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.
• CCI-001774 - The organization employs a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the information system.

Weight

10

Fix Recommendation

This setting is enforced using the "Restrictions Policy" configuration profile.

Check Contents

To check if there is a configuration policy defined for "Application Restrictions", run the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep -A 5 familyControlsEnabled | grep "FaceTime"

If the return does not contain "/Applications/FaceTime.app", this is a finding.

Vulnerability Number

V-209575

Documentable

False

Rule Version

AOSX-14-002010

Severity Override Guidance

To check if there is a configuration policy defined for "Application Restrictions", run the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep -A 5 familyControlsEnabled | grep "FaceTime"

If the return does not contain "/Applications/FaceTime.app", this is a finding.

Check Content Reference

M

Target Key

2930

Comments