Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The macOS system must have the security assessment policy subsystem enabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-95951 | AOSX-14-002064 | SV-105089r1_rule | High |
| Description |
|---|
| Any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Accordingly, software defined by the organization as critical must be signed with a certificate that is recognized and approved by the organization. |
| STIG | Date |
|---|---|
| Apple OS X 10.14 (Mojave) Security Technical Implementation Guide | 2019-12-20 |
Details
| Check Text ( C-94781r1_chk ) |
|---|
| To check the status of the Security assessment policy subsystem, run the following command: /usr/bin/sudo /usr/sbin/spctl --status | /usr/bin/grep enabled If nothing is returned, this is a finding. |
| Fix Text (F-101619r1_fix) |
|---|
| To enable the Security assessment policy subsystem, run the following command: /usr/bin/sudo /usr/sbin/spctl --master-enable |