U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

CIS Apple macOS 10.14 Mojave Benchmark 2.0.0 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Apple OS X 10.14 cpe:/o:apple:mac_os_x:10.14 (View CVEs)

Checklist Highlights

Checklist Name:
CIS Apple macOS 10.14 Mojave Benchmark
Checklist ID:
1119
Version:
2.0.0
Type:
Compliance
Review Status:
Final
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
11/01/2021

Checklist Summary:

This document, CIS Apple macOS 10.14 Mojave Benchmark, provides prescriptive guidance for establishing a secure configuration posture for Apple macOS 10.14 Mojave. This guide was tested against Apple macOS 10.14 Mojave. To obtain the latest version of this guide, please visit http://benchmarks.cisecurity.org. If you have questions, comments, or have identified ways to improve this guide, please write us at feedback@cisecurity.org. This Benchmark includes instructions for auditing and remediation that includes three different methods (Graphical User Interface (GUI), Command Line Interface using Terminal (CLI), Configuration Profiles) to evaluate the current configuration status and make changes as desired. In most cases all methods are supported by the Operating System and it is up to organizational implementation personnel on how best to implement. There are some recommendations that can only be managed through one of the methods. Each organization must decide if control management outside their standard process is required if no solution is possible through their organization's specific choice of implementation. It is best practice, for Enterprise managed devices at this time, to use profiles for management, a mix of both profile device management, and command line hardening scripts will be the most comprehensive solution. More profile information https://developer.apple.com/documentation/devicemanagement https://developer.apple.com/documentation/devicemanagement/configuring_multiple_devices_using_profiles

Checklist Role:

  • Operating System

Known Issues:

Not provided.

Target Audience:

This document is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Apple macOS 10.14.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

feedback@cisecurity.org

Sponsor:

Not provided.

Licensing:

Not provided.

Change History: 

new checklist - 2/26/24
updated status to FINAL - 3/28/24

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 03/28/2024