Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-214872 | AOSX-13-000558 | SV-214872r609363_rule | Medium |
Description |
---|
Requiring individuals to be authenticated with an individual authenticator prior to using a group authenticator allows for traceability of actions, as well as adding an additional level of protection of the actions that can be taken with group account knowledge. Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000370-GPOS-00155 |
STIG | Date |
---|---|
Apple OS X 10.13 Security Technical Implementation Guide | 2021-11-19 |
Check Text ( C-16072r397188_chk ) |
---|
To view the setting for the iCloud Keychain Synchronization configuration, run the following command: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep allowCloudKeychainSync If the output is null or not "allowCloudKeychainSync = 0" this is a finding. |
Fix Text (F-16070r397189_fix) |
---|
This setting is enforced using the "Restrictions" configuration profile. |