From db2c87f4d4bb626167d963bafdd4f0ff9f5bc24a Mon Sep 17 00:00:00 2001
From: Allen Golbig <allen.m.golbig@nasa.gov>
Date: Thu, 15 Jul 2021 12:53:50 -0400
Subject: [PATCH] more rev5 edits

---
 rules/audit/audit_auditd_enabled.yaml              |  1 +
 rules/audit/audit_flags_aa_configure.yaml          |  1 +
 rules/audit/audit_flags_ad_configure.yaml          |  1 +
 rules/audit/audit_flags_ex_configure.yaml          |  1 +
 rules/audit/audit_flags_fd_configure.yaml          |  1 +
 rules/audit/audit_flags_fm_configure.yaml          |  1 +
 rules/audit/audit_flags_fr_configure.yaml          |  1 +
 rules/audit/audit_flags_fw_configure.yaml          |  1 +
 rules/audit/audit_flags_lo_configure.yaml          |  1 +
 rules/os/os_secure_boot_verify.yaml                |  1 +
 rules/os/os_time_server_enabled.yaml               |  1 +
 rules/supplemental/supplemental_controls.yaml      | 14 +++++++-------
 rules/sysprefs/sysprefs_time_server_configure.yaml |  1 +
 rules/sysprefs/sysprefs_time_server_enforce.yaml   |  1 +
 14 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/rules/audit/audit_auditd_enabled.yaml b/rules/audit/audit_auditd_enabled.yaml
index c14505fb..a74b83fa 100644
--- a/rules/audit/audit_auditd_enabled.yaml
+++ b/rules/audit/audit_auditd_enabled.yaml
@@ -39,6 +39,7 @@ references:
     - AU-3(1)
     - AU-8
     - AU-12
+    - AU-12(1)
     - AU-12(3)
     - AU-14(1)
     - MA-4(1)
diff --git a/rules/audit/audit_flags_aa_configure.yaml b/rules/audit/audit_flags_aa_configure.yaml
index e7a82ef6..98a47c0a 100644
--- a/rules/audit/audit_flags_aa_configure.yaml
+++ b/rules/audit/audit_flags_aa_configure.yaml
@@ -21,6 +21,7 @@ references:
   cci:
     - CCI-000172
   800-53r5:
+    - AC-2(12)
     - AU-12
     - AU-2
     - MA-4(1)
diff --git a/rules/audit/audit_flags_ad_configure.yaml b/rules/audit/audit_flags_ad_configure.yaml
index 6996fd18..19beb409 100644
--- a/rules/audit/audit_flags_ad_configure.yaml
+++ b/rules/audit/audit_flags_ad_configure.yaml
@@ -31,6 +31,7 @@ references:
     - CCI-002234
     - CCI-002884
   800-53r5:
+    - AC-2(12)
     - AC-6(9)
     - AU-12
     - AC-2(4)
diff --git a/rules/audit/audit_flags_ex_configure.yaml b/rules/audit/audit_flags_ex_configure.yaml
index 0ceac32d..a67ce6f6 100644
--- a/rules/audit/audit_flags_ex_configure.yaml
+++ b/rules/audit/audit_flags_ex_configure.yaml
@@ -22,6 +22,7 @@ references:
   cci:
     - N/A    
   800-53r5:
+    - AC-2(12)
     - AU-12
     - AU-2
     - CM-5(1)
diff --git a/rules/audit/audit_flags_fd_configure.yaml b/rules/audit/audit_flags_fd_configure.yaml
index 5582bdef..947a649f 100644
--- a/rules/audit/audit_flags_fd_configure.yaml
+++ b/rules/audit/audit_flags_fd_configure.yaml
@@ -24,6 +24,7 @@ references:
     - CCI-000172
     - CCI-001814
   800-53r5:
+    - AC-2(12)
     - AU-12
     - AU-2
     - AU-9
diff --git a/rules/audit/audit_flags_fm_configure.yaml b/rules/audit/audit_flags_fm_configure.yaml
index e8913f45..5668884a 100644
--- a/rules/audit/audit_flags_fm_configure.yaml
+++ b/rules/audit/audit_flags_fm_configure.yaml
@@ -24,6 +24,7 @@ references:
     - CCI-000172
     - CCI-001814
   800-53r5:
+    - AC-2(12)
     - AU-12
     - AU-2
     - AU-9
diff --git a/rules/audit/audit_flags_fr_configure.yaml b/rules/audit/audit_flags_fr_configure.yaml
index 0e59cded..754d9cec 100644
--- a/rules/audit/audit_flags_fr_configure.yaml
+++ b/rules/audit/audit_flags_fr_configure.yaml
@@ -24,6 +24,7 @@ references:
     - CCI-000172
     - CCI-001814
   800-53r5:
+    - AC-2(12)
     - AU-12
     - AU-2
     - AU-9
diff --git a/rules/audit/audit_flags_fw_configure.yaml b/rules/audit/audit_flags_fw_configure.yaml
index c234b8db..b4a6335f 100644
--- a/rules/audit/audit_flags_fw_configure.yaml
+++ b/rules/audit/audit_flags_fw_configure.yaml
@@ -23,6 +23,7 @@ references:
   cci:
     - CCI-000162
   800-53r5:
+    - AC-2(12)
     - AU-12
     - AU-2
     - AU-9
diff --git a/rules/audit/audit_flags_lo_configure.yaml b/rules/audit/audit_flags_lo_configure.yaml
index 449372ba..6cce40cc 100644
--- a/rules/audit/audit_flags_lo_configure.yaml
+++ b/rules/audit/audit_flags_lo_configure.yaml
@@ -22,6 +22,7 @@ references:
     - CCI-000067
     - CCI-000172
   800-53r5:
+    - AC-2(12)
     - AU-12
     - AC-17(1)
     - AU-2
diff --git a/rules/os/os_secure_boot_verify.yaml b/rules/os/os_secure_boot_verify.yaml
index 11bd6aa4..2371e0b1 100644
--- a/rules/os/os_secure_boot_verify.yaml
+++ b/rules/os/os_secure_boot_verify.yaml
@@ -18,6 +18,7 @@ references:
   800-53r5:
     - SI-7
     - SI-7(1)
+    - SI-7(5)
     - SI-6
   800-53r4:
     - SI-6
diff --git a/rules/os/os_time_server_enabled.yaml b/rules/os/os_time_server_enabled.yaml
index 2d1ed8f9..a3c8b647 100644
--- a/rules/os/os_time_server_enabled.yaml
+++ b/rules/os/os_time_server_enabled.yaml
@@ -18,6 +18,7 @@ references:
     - CCI-001891
     - CCI-002046
   800-53r5:
+    - AU-12(1)
     - SC-45(1)
   800-53r4: 
     - AU-8(1)
diff --git a/rules/supplemental/supplemental_controls.yaml b/rules/supplemental/supplemental_controls.yaml
index 141fc9a6..e797d7c5 100644
--- a/rules/supplemental/supplemental_controls.yaml
+++ b/rules/supplemental/supplemental_controls.yaml
@@ -3,7 +3,7 @@ title: "Out of Scope Supplemental"
 discussion: |
   There are several requirements defined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5 that can be met by making configuration changes to the operating system. However, NIST SP 800-53 (Rev. 5) contains a broad set of guidelines that attempt to address all aspects of an information system or systems within an organization. Because the macOS Security Compliance Project is tailored specifically to macOS, some requirements defined in NIST SP 800-53 (Rev. 5) are not applicable. 
 
-  This supplemental contains those controls that are assigned to a baseline in NIST SP 800-53 (Rev. 5) which cannot be addressed with a technical configuration for macOS. These controls can be accomplished though administrative or procedural processes within an organization or via integration of the macOS system into enterprise information systems which are configured to protect the systems within.
+  This supplemental contains those controls that are assigned to a baseline in NIST SP 800-53 (Rev. 5) which cannot be addressed with a technical configuration for macOS. These controls can be accomplished though administrative or procedural processes within an organization or via integration of the macOS system into enterprise information systems which are configured to protect the systems within. 
   
   [cols="15%h, 85%a"]
   |===
@@ -12,7 +12,7 @@ discussion: |
   |Access Control (AC)
 
   |Controls 
-  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-1[AC-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-2[AC-2], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-14[AC-14], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-17[AC-17(4)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-22[AC-22]
+  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-1[AC-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-2[AC-2], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-3[AC-3(14)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-14[AC-14], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-17[AC-17(4)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AC-22[AC-22]
 
   |=== 
 
@@ -33,7 +33,7 @@ discussion: |
   |Audit and Accountability (AU)
 
   |Controls
-  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AU-1[AU-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AU-6[AU-6]
+  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AU-1[AU-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AU-6[AU-6], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=AU-9[AU-9(2)]
   |=== 
 
   [cols="15%h, 85%a"]
@@ -43,7 +43,7 @@ discussion: |
   |Security Assessment and Authorization (CA)
 
   |Controls
-  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-1[CA-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-2[CA-2], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-3[CA-3], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-5[CA-5], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-6[CA-6], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-7[CA-7], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-9[CA-9]
+  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-1[CA-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-2[CA-2], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-3[CA-3], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-3[CA-3(6)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-5[CA-5], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-6[CA-6], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-7[CA-7], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-7[CA-7(4)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=CA-9[CA-9]
   |=== 
 
   [cols="15%h, 85%a"]
@@ -83,7 +83,7 @@ discussion: |
   |Incident Response (IR)
 
   |Controls
-  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-1[IR-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-2[IR-2], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-4[IR-4], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-5[IR-5], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-6[IR-6], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-7[IR-7], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-8[IR-8],
+  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-1[IR-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-2[IR-2], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-4[IR-4], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-5[IR-5], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-6[IR-6], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-7[IR-7], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=IR-8[IR-8]
   |=== 
 
   [cols="15%h, 85%a"]
@@ -164,7 +164,7 @@ discussion: |
   |System and Communications Protection (SC)
 
   |Controls
-  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-1[SC-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-12[SC-12], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-15[SC-15], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-20[SC-20], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-22[SC-22], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-39[SC-39]
+  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-1[SC-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-7[SC-7(3)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-7[SC-7(7)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-7[SC-7(8)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-7[SC-7(18)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-7[SC-7(21)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-12[SC-12], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-12[SC-12(1)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-20[SC-20], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-22[SC-22], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SC-23[SC-23]
   |===
 
   [cols="15%h, 85%a"]
@@ -174,7 +174,7 @@ discussion: |
   |System and Information Integrity (SI)
 
   |Controls
-  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-1[SI-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-5[SI-5], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-12[SI-12]
+  |link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-1[SI-1], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4(2)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4(4)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4(5)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4(12)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4(14)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4(20)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-4[SI-4(22)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-5[SI-5], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-7[SI-7(2)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-8[SI-8(2)], link:https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#!/control?version=5.1&number=SI-12[SI-12]
   |===
 check: |
 fix: |
diff --git a/rules/sysprefs/sysprefs_time_server_configure.yaml b/rules/sysprefs/sysprefs_time_server_configure.yaml
index 6b4d2fbf..3f92d9ea 100644
--- a/rules/sysprefs/sysprefs_time_server_configure.yaml
+++ b/rules/sysprefs/sysprefs_time_server_configure.yaml
@@ -17,6 +17,7 @@ references:
     - CCI-001891
     - CCI-002046
   800-53r5:
+    - AU-12(1)
     - SC-45(1)
   800-53r4: 
     - AU-8(1)
diff --git a/rules/sysprefs/sysprefs_time_server_enforce.yaml b/rules/sysprefs/sysprefs_time_server_enforce.yaml
index 76f7ab00..c5bfba76 100644
--- a/rules/sysprefs/sysprefs_time_server_enforce.yaml
+++ b/rules/sysprefs/sysprefs_time_server_enforce.yaml
@@ -17,6 +17,7 @@ references:
     - CCI-001891
     - CCI-002046
   800-53r5:
+    - AU-12(1)
     - SC-45(1)
   800-53r4: 
     - AU-8(1)