fix[rule] os_safari_force_fraud_warning_enable

Added os_safari_force_fraud_warning_enable
2026-03-18 06:32:12 +00:00 · 2023-11-09 13:21:31 -05:00
parent 2fb1e890c2
commit ca69fd9505
2 changed files with 41 additions and 2 deletions
--- a/rules/os/os_safari_cookies_set.yaml
+++ b/rules/os/os_safari_cookies_set.yaml
@@ -11,7 +11,7 @@ references:
  cci: 
    - N/A
  800-53r5:
-    - PM-20(01)
+    - N/A
  sfr:
    - N/A
  disa_stig:
@@ -28,7 +28,6 @@ iOS:
  - "17.0"
 tags:
  - ios
-  - 800-53r5_privacy
  - cis_lvl1_byod
  - cis_lvl2_byod
  - cis_lvl1_enterprise
--- a/rules/os/os_safari_force_fraud_warning_enable.yaml
+++ b/rules/os/os_safari_force_fraud_warning_enable.yaml
@@ -0,0 +1,40 @@
+id: os_safari_force_fraud_warning_enable
+title: "Ensure Force Fraud Warning is set to Enabled"
+discussion: |
+  Force fraud warning _MUST_ be enabled in Safari.
+check: " "
+fix: |
+  This is implemented by a Configuration Profile.
+references:
+  cce:
+    - CCE-93464-6
+  cci: 
+    - N/A
+  800-53r5:
+    - N/A
+  sfr:
+    - N/A
+  disa_stig:
+    - N/A
+  800-171r2:
+    - N/A
+  cis:
+    benchmark:
+      - 2.2.2.1 (level 1 - End-User Owned Devices)
+      - 3.2.2.1 (level 1 - Institutionally-Owned Devices)
+    controls v8:
+      - 9.4
+iOS:
+  - "17.0"
+tags:
+  - ios
+  - cis_lvl1_byod
+  - cis_lvl2_byod
+  - cis_lvl1_enterprise
+  - cis_lvl2_enterprise
+  - cisv8
+supervised: false
+mobileconfig: true
+mobileconfig_info:
+  com.apple.applicationaccess:
+    safariForceFraudWarning: true