STIGQter: STIG Summary: Apple OS X 10.15 (Catalina) Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 23 Apr 2021:

The macOS system must be configured to disable the application FaceTime.

DISA Rule

SV-225168r610901_rule

Vulnerability Number

V-225168

Group Title

SRG-OS-000095-GPOS-00049

Rule Version

AOSX-15-002010

Severity

CAT III

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.
• CCI-001774 - The organization employs a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the information system.

Weight

10

Fix Recommendation

This setting is enforced using the "Restrictions Policy" configuration profile.

Check Contents

To check if there is a configuration policy defined for "Application Restrictions", run the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep -A 5 familyControlsEnabled | grep "FaceTime"

If the return does not contain "/Applications/FaceTime.app", this is a finding.

Vulnerability Number

V-225168

Documentable

False

Rule Version

AOSX-15-002010

Severity Override Guidance

To check if there is a configuration policy defined for "Application Restrictions", run the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep -A 5 familyControlsEnabled | grep "FaceTime"

If the return does not contain "/Applications/FaceTime.app", this is a finding.

Check Content Reference

M

Target Key

4212

Comments