STIGQter: STIG Summary: Apple OS X 10.14 (Mojave) Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020: The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission.

DISA Rule

SV-105131r2_rule

Vulnerability Number

V-95993

Group Title

SRG-OS-000424-GPOS-00188

Rule Version

AOSX-14-004011

Severity

CAT II

CCI(s)

• CCI-002420 - The information system maintains the confidentiality and/or integrity of information during preparation for transmission.
• CCI-002421 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.
• CCI-002422 - The information system maintains the confidentiality and/or integrity of information during reception.

Weight

10

Fix Recommendation

To enable the SSHD service, run the following command:

/usr/bin/sudo /bin/launchctl enable system/com.openssh.sshd

The system may need to be restarted for the update to take effect.

Check Contents

For systems that allow remote access, run the following command:

/usr/bin/sudo /bin/launchctl print-disabled system | /usr/bin/grep com.openssh.sshd

If the results do not show the following, this is a finding.

"com.openssh.sshd" => false

Vulnerability Number

V-95993

Documentable

False

Rule Version

AOSX-14-004011

Severity Override Guidance

For systems that allow remote access, run the following command:

/usr/bin/sudo /bin/launchctl print-disabled system | /usr/bin/grep com.openssh.sshd

If the results do not show the following, this is a finding.

"com.openssh.sshd" => false

Check Content Reference

M

Target Key

3429

Comments