sysprefs_remote_management_disable

2026-03-04 09:13:19 +00:00 · 2021-12-29 16:09:05 -05:00
parent 68da1d2d23
commit da89a8740b
2 changed files with 51 additions and 2 deletions
--- a/rules/cis_lvl1.txt
+++ b/rules/cis_lvl1.txt
@@ -5,8 +5,6 @@ Recommendation #	Title
 2.2.2	Ensure time set is within appropriate limits
 	Desktop & Screen Saver
 2.3.3	Audit Lock Screen and Start Screen Saver Tools
-	Sharing
-2.4.9	Ensure Remote Management Is Disabled
 	Security & Privacy
 	Encryption
 2.5.1.2	Ensure all user storage APFS volumes are encrypted
--- a/rules/sysprefs/sysprefs_remote_management_disable.yaml
+++ b/rules/sysprefs/sysprefs_remote_management_disable.yaml
@@ -0,0 +1,51 @@
+id: sysprefs_remote_management_disable
+title: "Disable Remote Management"
+discussion: |
+  Remote Management _MUST_ be disabled. 
+check: |
+  /usr/libexec/mdmclient QuerySecurityInfo | /usr/bin/grep -c "RemoteDesktopEnabled = 0"
+result:
+  integer: 1
+fix: |
+  [source,bash]
+  ----
+  /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -deactivate -stop
+  ----
+references:
+  cce:
+    - N/A
+  cci: 
+    - N/A
+  800-53r5:
+    - CM-7
+    - CM-7(1)
+  800-53r4: 
+    - CM-7
+    - CM-7(1)
+  srg:
+    - N/A
+  disa_stig: 
+    - N/A
+  800-171r2:
+    - N/A
+  cis:
+    benchmark: 
+      - 2.4.3 (level 1)
+    v8:
+      - 4.1
+      - 4.8
+macOS:
+  - "12.0"
+tags:
+  - 800-53r5_low
+  - 800-53r5_moderate
+  - 800-53r5_high
+  - 800-53r4_low
+  - 800-53r4_moderate
+  - 800-53r4_high
+  - cnssi-1253
+  - cis_lvl1
+  - cis_lvl2
+  - cisv8
+mobileconfig: false
+mobileconfig_info: