Secure virtual memory must be used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-58461 | AOSX-09-001260 | SV-72891r1_rule | Medium |
| Description |
|---|
| Secure virtual memory must be enabled. Secure virtual memory ensures that data in memory is encrypted when it is swapped to disk. This prevents users and applications from accessing potentially sensitive information, such as user names and passwords, from the swap space on the hard drive. |
| STIG | Date |
|---|---|
| Apple OS X 10.9 (Mavericks) Workstation Security Technical Implementation Guide | 2017-01-05 |
Details
| Check Text ( C-59305r1_chk ) |
|---|
| To check if the system is using secure virtual memory run the following command: sysctl vm.swapusage If the result does not show '(encrypted)', this is a finding. |
| Fix Text (F-63793r1_fix) |
|---|
| To ensure secure virtual memory is secure, run the following command: sudo defaults write /Library/Preferences/com.apple.virtualMemory DisableEncryptedSwap -bool FALSE |