STIGQter: STIG Summary: Apple OS X 10.14 (Mojave) Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020: The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission.DISA Rule
SV-105131r2_rule
Vulnerability Number
V-95993
Group Title
SRG-OS-000424-GPOS-00188
Rule Version
AOSX-14-004011
Severity
CAT II
CCI(s)
- CCI-002420 - The information system maintains the confidentiality and/or integrity of information during preparation for transmission.
- CCI-002421 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.
- CCI-002422 - The information system maintains the confidentiality and/or integrity of information during reception.
Weight
10
Fix Recommendation
To enable the SSHD service, run the following command:
/usr/bin/sudo /bin/launchctl enable system/com.openssh.sshd
The system may need to be restarted for the update to take effect.
Check Contents
For systems that allow remote access, run the following command:
/usr/bin/sudo /bin/launchctl print-disabled system | /usr/bin/grep com.openssh.sshd
If the results do not show the following, this is a finding.
"com.openssh.sshd" => false
Vulnerability Number
V-95993
Documentable
False
Rule Version
AOSX-14-004011
Severity Override Guidance
For systems that allow remote access, run the following command:
/usr/bin/sudo /bin/launchctl print-disabled system | /usr/bin/grep com.openssh.sshd
If the results do not show the following, this is a finding.
"com.openssh.sshd" => false
Check Content Reference
M
Target Key
3429
Comments