mirror of
https://github.com/usnistgov/macos_security.git
synced 2026-02-03 05:53:24 +00:00
43 lines
788 B
YAML
43 lines
788 B
YAML
id: os_hibernate_mode_destroyfvkeyonstandby_enable
|
|
title: "Enable DestroyFVKeyOnStandby on Hibernate"
|
|
discussion: |
|
|
DestroyFVKeyOnStandby on hibernate _MUST_ be enabled.
|
|
check: |
|
|
/usr/bin/osascript -l JavaScript << EOS
|
|
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.MCX')\
|
|
.objectForKey('DestroyFVKeyOnStandby').js
|
|
EOS
|
|
result:
|
|
string: "true"
|
|
fix: |
|
|
This is implemented by a Configuration Profile.
|
|
references:
|
|
cce:
|
|
- CCE-92801-0
|
|
cci:
|
|
- N/A
|
|
800-53r5:
|
|
- N/A
|
|
800-53r4:
|
|
- N/A
|
|
srg:
|
|
- N/A
|
|
disa_stig:
|
|
- N/A
|
|
800-171r2:
|
|
- N/A
|
|
cis:
|
|
benchmark:
|
|
- 2.9.1.3 (level 2)
|
|
controls v8:
|
|
- 4.1
|
|
macOS:
|
|
- "14.0"
|
|
tags:
|
|
- cis_lvl2
|
|
- cisv8
|
|
mobileconfig: true
|
|
mobileconfig_info:
|
|
com.apple.MCX:
|
|
DestroyFVKeyOnStandby: true
|