Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-252537 | APPL-12-005051 | SV-252537r877369_rule | Medium |
Description |
---|
External writeable media devices must be disabled for users. External USB devices are a potential vector for malware and can be used to exfiltrate sensitive data. Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000319-GPOS-00164 |
STIG | Date |
---|---|
Apple macOS 12 (Monterey) Security Technical Implementation Guide | 2023-06-01 |
Check Text ( C-55993r877368_chk ) |
---|
Verify the system is configured to disable external writeable media devices: $ /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/egrep -A 3 'blankbd|blankcd|blankdvd|dvdram|harddisk-external' “blankbd" = ( deny, eject ); “blankcd" = ( deny, eject ); “blankdvd" = ( deny, eject ); “dvdram" = ( deny, eject ); “harddisk-external" = ( deny, eject ); If the result does not match the output above and the external writeable media devices have not been approved by the Authorizing Official, this is a finding. |
Fix Text (F-55943r816424_fix) |
---|
This setting is enforced using the "Restrictions Policy" configuration profile. |