National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

NIST SP 800-179 1.0 Checklist Details (Checklist Revisions)

Checklist Highlights

Checklist Name:
NIST SP 800-179
Checklist ID:
726
Version:
1.0
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: NIST, Computer Security Division
Original Publication Date:
12/13/2016

Checklist Summary:

This publication assists IT professionals in securing Apple OS X 10.10 desktop and laptop systems within various environments. It provides detailed information about the security features of OS X 10.10 and security configuration guidelines. The publication recommends and explains tested, secure settings with the objective of simplifying the administrative burden of improving the security of OS X 10.10 systems in three types of environments: Standalone, Managed, and Specialized Security-Limited Functionality.

Checklist Role:

  • Operating System

Known Issues:

See the project’s GitHub page for solutions to known issues: https://github.com/usnistgov/applesec

Target Audience:

This document has been created for IT professionals, particularly system administrators and information security personnel (security managers, engineers, administrators, etc.) who are responsible for securing or maintaining the security of OS X 10.10 systems. Auditors and others who need to assess the security of systems may also find this publication useful. The document assumes that the reader has experience installing and administering OS X-based systems. The document discusses various OS X 10.10 security settings in technical detail.

Target Operational Environment:

  • Standalone
  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

The security baselines were only tested on Apple OS X 10.10.

Regulatory Compliance:

FISMA with NIST SP 800-53 mapping

Comments/Warnings/Miscellaneous:

Perform a full backup of the system and data before applying the security baseline.

Disclaimer:

Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. NIST assumes no responsibility whatsoever for its use by other parties, and makes no guarantees, expressed or implied, about its quality, reliability, or any other characteristic. NIST would appreciate acknowledgement if the document and baselines are used.

Product Support:

Not provided.

Point of Contact:

800-179comments@nist.gov

Sponsor:

Not provided.

Licensing:

This data was developed by employees of the National Institute of Standards and Technology (NIST), an agency of the Federal Government. Pursuant to title 15 United States Code Section 105, works of NIST employees are not subject to copyright protection in the United States and are considered to be in the public domain.

Change History:

Corrected link - 05/15/2017
Corrected SHA error - 3/1/2018

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 03/01/2018