The operating system must employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-51399 | OSX8-00-00785 | SV-65609r1_rule | Medium |
| Description |
|---|
| This control is intended to address the confidentiality and integrity of information at rest in non-mobile devices and covers user information and system information. Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive, tape drive) within an organizational information system. |
| STIG | Date |
|---|---|
| Apple OS X 10.8 (Mountain Lion) Workstation STIG | 2015-02-10 |
Details
| Check Text ( C-53735r1_chk ) |
|---|
| To check if FileVault 2 is enabled, run the following command: sudo fdesetup status If FileVault is "OFF", this is a finding. |
| Fix Text (F-56197r1_fix) |
|---|
| Open System Preferences->Security and Privacy, and navigate to the FileVault tab. Use this panel to configure full-disk encryption. |