在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称(OpenSource Name):jamf/CIS-for-macOS-Sierra开源软件地址(OpenSource Url):https://github.com/jamf/CIS-for-macOS-Sierra开源编程语言(OpenSource Language):Shell 100.0%开源软件介绍(OpenSource Introduction):INFO: Refers to document CIS_Apple_OSX_10.12_Benchmark_v1.0.0.pdf, available at https://benchmarks.cisecurity.org USAGE: 1_Set_Organization_PrioritiesPolicy: Generally "Once per computer" unless organizational values change. Admins set organizational compliance for each listed item, which gets written to plist. The values default to "true," meaning if an organization wishes to disregard a given item they must set the value to false by changing the associated comment: OrgScore1_1="true" or OrgScore1_1="false" The script writes to /Library/Application Support/SecurityScoring/org_security_score.plist by default. NOTES: Item "1.1 Verify all Apple provided software is current" is disabled by default. Item "5.6 Enable OCSP and CRL certificate checking" is disabled by default. 2_Security_Audit_CompliancePolicy: Some recurring trigger to track compliance over time. Reads the plist at /Library/Application Support/SecurityScoring/org_security_score.plist. For items prioritized (listed as "true,") the script queries against the current computer/user environment to determine compliance against each item. Non-compliant items are recorded at /Library/Application Support/SecurityScoring/org_audit 2.5_Audit_List Extension AttributeSet as Data Type "String." Reads contents of /Library/Application Support/SecurityScoring/org_audit file and records to Jamf Pro inventory record. 2.6_Audit_Count Extension AttributeSet as Data Type "Integer." Reads contents of /Library/Application Support/SecurityScoring/org_audit file and records count of items to Jamf Pro inventory record. Usable with smart group logic (2.6_Audit_Count greater than 0) to immediately determine computers not in compliance. 3_Security_RemediationPolicy: Some recurring trigger to enforce compliance over time. Reads the plist at /Library/Application Support/SecurityScoring/org_security_score.plist. For items prioritized (listed as "true,") the script applies recommended remediation actions for the client/user. SCORED CIS EXCEPTIONS:
|
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论