mirror of
https://github.com/usnistgov/macos_security.git
synced 2026-03-04 09:13:19 +00:00
41 lines
1.0 KiB
YAML
41 lines
1.0 KiB
YAML
id: sysprefs_diagnostics_reports_disable
|
|
title: "Disable Sending Diagnostic and Usage Data to Apple"
|
|
discussion: |
|
|
The ability to submit diagnostic data to Apple _MUST_ be disabled.
|
|
|
|
The information system _MUST_ be configured to provide only essential capabilities. Disabling the submission of diagnostic and usage information will mitigate the risk of unwanted data being sent to Apple.
|
|
check: |
|
|
/usr/bin/profiles -P -o stdout | /usr/bin/grep -Ec '(allowDiagnosticSubmission = 0|AutoSubmit = 0)'
|
|
result:
|
|
integer: 2
|
|
fix: |
|
|
This is implemented by a Configuration Profile.
|
|
references:
|
|
cce:
|
|
- CCE-84829-1
|
|
cci:
|
|
- CCI-000382
|
|
800-53r4:
|
|
- AC-20
|
|
- SI-11
|
|
srg:
|
|
- SRG-OS-000096-GPOS-00050
|
|
disa_stig:
|
|
- AOSX-14-002021
|
|
800-171r2:
|
|
- 3.1.20
|
|
macOS:
|
|
- "10.15"
|
|
tags:
|
|
- 800-171
|
|
- cnssi-1253
|
|
- fisma-low
|
|
- fisma-moderate
|
|
- fisma-high
|
|
mobileconfig: true
|
|
mobileconfig_info:
|
|
com.apple.SubmitDiagInfo:
|
|
AutoSubmit: false
|
|
com.apple.applicationaccess:
|
|
allowDiagnosticSubmission: false
|