STIGQter: STIG Summary: Apple OS X 10.15 (Catalina) Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 23 Apr 2021:

The macOS system must enforce access restrictions.

DISA Rule

SV-225197r610901_rule

Vulnerability Number

V-225197

Group Title

SRG-OS-000364-GPOS-00151

Rule Version

AOSX-15-002063

Severity

CAT I

CCI(s)

• CCI-001813 - The information system enforces access restrictions.

Weight

10

Fix Recommendation

This setting is enforced using the "Login Window Policy" configuration profile.

Check Contents

To check that the system is configured to disable the guest account, run the following command:

# /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep DisableGuestAccount

If the result is null or not "DisableGuestAccount = 1", this is a finding.

Vulnerability Number

V-225197

Documentable

False

Rule Version

AOSX-15-002063

Severity Override Guidance

To check that the system is configured to disable the guest account, run the following command:

# /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep DisableGuestAccount

If the result is null or not "DisableGuestAccount = 1", this is a finding.

Check Content Reference

M

Target Key

4212

Comments