STIGQter STIGQter: STIG Summary: Apple OS X 10.15 (Catalina) Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 23 Apr 2021:

The macOS Application Firewall must be enabled.

DISA Rule

SV-225221r610901_rule

Vulnerability Number

V-225221

Group Title

SRG-OS-000480-GPOS-00232

Rule Version

AOSX-15-005050

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

This setting is enforced using the "Restrictions Policy" configuration profile.

Check Contents

Verify that the built-in Firewall is enabled:

# /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep 'EnableFirewall\|EnableStealthMode'

If the return is not "EnableFirewall = 1;" and "EnableStealthMode = 1;" this is a finding.

Vulnerability Number

V-225221

Documentable

False

Rule Version

AOSX-15-005050

Severity Override Guidance

Verify that the built-in Firewall is enabled:

# /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep 'EnableFirewall\|EnableStealthMode'

If the return is not "EnableFirewall = 1;" and "EnableStealthMode = 1;" this is a finding.

Check Content Reference

M

Target Key

4212

Comments