STIGQter: STIG Summary: Apple macOS 11 (Big Sur) Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The macOS system must enforce access restrictions.

DISA Rule

SV-230823r599842_rule

Vulnerability Number

V-230823

Group Title

SRG-OS-000364-GPOS-00151

Rule Version

APPL-11-002063

Severity

CAT I

CCI(s)

• CCI-001813 - The information system enforces access restrictions.

Weight

10

Fix Recommendation

This setting is enforced using the "Login Window Policy" configuration profile.

Check Contents

To check that the system is configured to disable the guest account, run the following command:

# /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep DisableGuestAccount

If the result is null or not "DisableGuestAccount = 1", this is a finding.

Vulnerability Number

V-230823

Documentable

False

Rule Version

APPL-11-002063

Severity Override Guidance

To check that the system is configured to disable the guest account, run the following command:

# /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep DisableGuestAccount

If the result is null or not "DisableGuestAccount = 1", this is a finding.

Check Content Reference

M

Target Key

5246

Comments