From ca69fd9505db5d9b5f040ab5ddf12cdf6ea0d400 Mon Sep 17 00:00:00 2001 From: Allen Golbig Date: Thu, 9 Nov 2023 13:21:31 -0500 Subject: [PATCH] fix[rule] os_safari_force_fraud_warning_enable Added os_safari_force_fraud_warning_enable --- rules/os/os_safari_cookies_set.yaml | 3 +- .../os_safari_force_fraud_warning_enable.yaml | 40 +++++++++++++++++++ 2 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 rules/os/os_safari_force_fraud_warning_enable.yaml diff --git a/rules/os/os_safari_cookies_set.yaml b/rules/os/os_safari_cookies_set.yaml index b03f7150..c72eeea1 100644 --- a/rules/os/os_safari_cookies_set.yaml +++ b/rules/os/os_safari_cookies_set.yaml @@ -11,7 +11,7 @@ references: cci: - N/A 800-53r5: - - PM-20(01) + - N/A sfr: - N/A disa_stig: @@ -28,7 +28,6 @@ iOS: - "17.0" tags: - ios - - 800-53r5_privacy - cis_lvl1_byod - cis_lvl2_byod - cis_lvl1_enterprise diff --git a/rules/os/os_safari_force_fraud_warning_enable.yaml b/rules/os/os_safari_force_fraud_warning_enable.yaml new file mode 100644 index 00000000..d52eb15a --- /dev/null +++ b/rules/os/os_safari_force_fraud_warning_enable.yaml @@ -0,0 +1,40 @@ +id: os_safari_force_fraud_warning_enable +title: "Ensure Force Fraud Warning is set to Enabled" +discussion: | + Force fraud warning _MUST_ be enabled in Safari. +check: " " +fix: | + This is implemented by a Configuration Profile. +references: + cce: + - CCE-93464-6 + cci: + - N/A + 800-53r5: + - N/A + sfr: + - N/A + disa_stig: + - N/A + 800-171r2: + - N/A + cis: + benchmark: + - 2.2.2.1 (level 1 - End-User Owned Devices) + - 3.2.2.1 (level 1 - Institutionally-Owned Devices) + controls v8: + - 9.4 +iOS: + - "17.0" +tags: + - ios + - cis_lvl1_byod + - cis_lvl2_byod + - cis_lvl1_enterprise + - cis_lvl2_enterprise + - cisv8 +supervised: false +mobileconfig: true +mobileconfig_info: + com.apple.applicationaccess: + safariForceFraudWarning: true \ No newline at end of file