STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← CM-7 — Least Functionality

CCI-000381

Definition

Configure the system to provide only organization-defined mission essential capabilities.

Parent Control

CM-7Least FunctionalityConfiguration Management

Linked STIG Checks (200)

V-237035CAT IIThe A10 Networks ADC must not have unnecessary scripts installed.A10 Networks ADC ALG Security Technical Implementation GuideV-237036CAT IIThe A10 Networks ADC must use DNS Proxy mode when Global Server Load Balancing is used.A10 Networks ADC ALG Security Technical Implementation GuideV-204656CAT IIAAA Services must be configured to disable non-essential modules.AAA Services Security Requirements GuideV-213119CAT IIAdobe Acrobat Pro DC Continuous PDF file attachments must be blocked.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213120CAT IIIAdobe Acrobat Pro DC Continuous access to unknown websites must be restricted.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213121CAT IIIAdobe Acrobat Pro DC Continuous access to websites must be blocked.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213122CAT IIAdobe Acrobat Pro DC Continuous must be configured to block Flash Content.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213123CAT IIThe Adobe Acrobat Pro DC Continuous Send and Track plugin for Outlook must be disabled.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213131CAT IIAdobe Acrobat Pro DC Continuous must disable the ability to store files on Acrobat.com.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213132CAT IIAdobe Acrobat Pro DC Continuous Cloud Synchronization must be disabled.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213133CAT IIIAdobe Acrobat Pro DC Continuous Repair Installation must be disabled.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213134CAT IIIAdobe Acrobat Pro DC Continuous third-party web connectors must be disabled.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213135CAT IIIAdobe Acrobat Pro DC Continuous Webmail must be disabled.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213136CAT IIIThe Adobe Acrobat Pro DC Continuous Welcome Screen must be disabled.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213137CAT IIIAdobe Acrobat Pro DC Continuous SharePoint and Office365 access must be disabled.Adobe Acrobat Professional DC Continuous Track Security Technical Implementation GuideV-213177CAT IIIAdobe Reader DC must disable the Adobe Send and Track plugin for Outlook.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213178CAT IIAdobe Reader DC must disable all service access to Document Cloud Services.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213179CAT IIAdobe Reader DC must disable Cloud Synchronization.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213180CAT IIIAdobe Reader DC must disable the Adobe Repair Installation.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213181CAT IIAdobe Reader DC must disable 3rd Party Web Connectors.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213182CAT IIIAdobe Reader DC must disable Acrobat Upsell.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213183CAT IIIAdobe Reader DC must disable Adobe Send for Signature.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213184CAT IIAdobe Reader DC must disable access to Webmail.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213185CAT IIAdobe Reader DC must disable Online SharePoint Access.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213186CAT IIIAdobe Reader DC must disable the Adobe Welcome Screen.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-213187CAT IIIAdobe Reader DC must disable Service Upgrades.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation GuideV-279040CAT IIColdFusion must configure WebSocket Service.Adobe ColdFusion Security Technical Implementation GuideV-279041CAT IIColdFusion must have Event Gateway Services disabled when not in use.Adobe ColdFusion Security Technical Implementation GuideV-279042CAT IIColdFusion must have Remote Development Services (RDS) disabled.Adobe ColdFusion Security Technical Implementation GuideV-279043CAT IIIColdFusion must have example services removed.Adobe ColdFusion Security Technical Implementation GuideV-279044CAT IIColdFusion must disable all remote and client-side debugging features, including Remote Inspection, Robust Exception Information, AJAX Debug Log Window, and Line Debugging.Adobe ColdFusion Security Technical Implementation GuideV-279045CAT IIColdFusion must have any unused mappings removed.Adobe ColdFusion Security Technical Implementation GuideV-279046CAT IIIColdFusion must have Central Configuration Server (CCS) disabled.Adobe ColdFusion Security Technical Implementation GuideV-279047CAT IIIColdFusion must have only approved Tomcat connectors enabled.Adobe ColdFusion Security Technical Implementation GuideV-279048CAT IIIColdFusion must have Tomcat configured with deployXML disabled.Adobe ColdFusion Security Technical Implementation GuideV-279049CAT IIIColdFusion must be configured with autoDeploy disabled.Adobe ColdFusion Security Technical Implementation GuideV-279050CAT IIColdFusion must be configured with secure and approved server settings to enforce application hardening, input validation, error handling, and protection against common web vulnerabilities.Adobe ColdFusion Security Technical Implementation GuideV-279051CAT IIIColdFusion must have the sample data directories removed.Adobe ColdFusion Security Technical Implementation GuideV-279052CAT IIIColdFusion must have the CFSTAT feature disabled when not in use.Adobe ColdFusion Security Technical Implementation GuideV-279053CAT IIColdFusion must disable the In-Memory File System.Adobe ColdFusion Security Technical Implementation GuideV-279106CAT IIColdFusion must be configured to set the cookie settings.Adobe ColdFusion Security Technical Implementation GuideV-279107CAT IIColdFusion must be configured to enable Cross-Origin Resource Sharing (CORS) to allow mobile applications to access resources from different origins securely.Adobe ColdFusion Security Technical Implementation GuideV-274007CAT IAmazon Linux 2023 must not have the vsftpd package installed.Amazon Linux 2023 Security Technical Implementation GuideV-274008CAT IIAmazon Linux 2023 must not have the sendmail package installed.Amazon Linux 2023 Security Technical Implementation GuideV-274009CAT IIAmazon Linux 2023 must not have the nfs-utils package installed.Amazon Linux 2023 Security Technical Implementation GuideV-274010CAT IIAmazon Linux 2023 must not have the telnet-server package installed.Amazon Linux 2023 Security Technical Implementation GuideV-274011CAT IIAmazon Linux 2023 must not have the gssproxy package installed.Amazon Linux 2023 Security Technical Implementation GuideV-274158CAT IIAmazon Linux 2023 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Category Assurance List (PPSM CAL) and vulnerability assessments.Amazon Linux 2023 Security Technical Implementation GuideV-214239CAT IIThe Apache web server must not perform user management for hosted applications.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214240CAT IIThe Apache web server must only contain services and functions necessary for operation.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214241CAT IIThe Apache web server must not be a proxy server.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214242CAT IThe Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214243CAT IIThe Apache web server must have resource mappings set to disable the serving of certain file types.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214244CAT IIThe Apache web server must allow the mappings to unused and vulnerable scripts to be removed.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214245CAT IIThe Apache web server must have Web Distributed Authoring (WebDAV) disabled.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214248CAT IApache web server application directories, libraries, and configuration files must only be accessible to privileged users.Apache Server 2.4 UNIX Server Security Technical Implementation GuideV-214280CAT IIThe Apache web server must not perform user management for hosted applications.Apache Server 2.4 UNIX Site Security Technical Implementation GuideV-214281CAT IIThe Apache web server must have Multipurpose Internet Mail Extensions (MIME) that invoke operating system shell programs disabled.Apache Server 2.4 UNIX Site Security Technical Implementation GuideV-214282CAT IIThe Apache web server must allow mappings to unused and vulnerable scripts to be removed.Apache Server 2.4 UNIX Site Security Technical Implementation GuideV-214283CAT IIThe Apache web server must have resource mappings set to disable the serving of certain file types.Apache Server 2.4 UNIX Site Security Technical Implementation GuideV-214284CAT IIUsers and scripts running on behalf of users must be contained to the document root or home directory tree of the Apache web server.Apache Server 2.4 UNIX Site Security Technical Implementation GuideV-214318CAT IIThe Apache web server must not perform user management for hosted applications.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214319CAT IIThe Apache web server must only contain services and functions necessary for operation.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214320CAT IIThe Apache web server must not be a proxy server.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214321CAT IThe Apache web server must provide install options to exclude the installation of documentation, sample code, example applications, and tutorials.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214322CAT IApache web server application directories, libraries, and configuration files must only be accessible to privileged users.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214323CAT IIThe Apache web server must have resource mappings set to disable the serving of certain file types.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214324CAT IIThe Apache web server must allow the mappings to unused and vulnerable scripts to be removed.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214325CAT IIThe Apache web server must have Web Distributed Authoring (WebDAV) disabled.Apache Server 2.4 Windows Server Security Technical Implementation GuideV-214365CAT IIThe Apache web server must not perform user management for hosted applications.Apache Server 2.4 Windows Site Security Technical Implementation GuideV-214367CAT IIThe Apache web server must allow the mappings to unused and vulnerable scripts to be removed.Apache Server 2.4 Windows Site Security Technical Implementation GuideV-214368CAT IIUsers and scripts running on behalf of users must be contained to the document root or home directory tree of the Apache web server.Apache Server 2.4 Windows Site Security Technical Implementation GuideV-222950CAT IIStack tracing must be disabled.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222951CAT IIThe shutdown port must be disabled.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222952CAT IIUnapproved connectors must be disabled.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222953CAT IIIDefaultServlet debug parameter must be disabled.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222954CAT IIIDefaultServlet directory listings parameter must be disabled.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222955CAT IIThe deployXML attribute must be set to false in hosted environments.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222956CAT IIAutodeploy must be disabled.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222957CAT IIIxpoweredBy attribute must be disabled.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222958CAT IIIExample applications must be removed.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222959CAT IIITomcat default ROOT web application must be removed.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-222960CAT IIIDocumentation must be removed.Apache Tomcat Application Server 9 Security Technical Implementation GuideV-254608CAT IIIApple iOS/iPadOS 16 must implement the management setting: Not allow automatic completion of Safari browser passcodes.Apple iOS-iPadOS 16 Security Technical Implementation GuideV-254609CAT IIApple iOS/iPadOS 16 must implement the management setting: Encrypt iTunes backups/Encrypt local backup.Apple iOS-iPadOS 16 Security Technical Implementation GuideV-254610CAT IIIApple iOS/iPadOS 16 must implement the management setting: not allow use of Handoff.Apple iOS-iPadOS 16 Security Technical Implementation GuideV-254613CAT IIApple iOS/iPadOS 16 must implement the management setting: Disable Allow Shared Albums.Apple iOS-iPadOS 16 Security Technical Implementation GuideV-254614CAT IiPhone and iPad must have the latest available iOS/iPadOS operating system installed.Apple iOS-iPadOS 16 Security Technical Implementation GuideV-254620CAT IIIApple iOS/iPadOS 16 must implement the management setting: Force Apple Watch wrist detection.Apple iOS-iPadOS 16 Security Technical Implementation GuideV-254621CAT IIApple iOS/iPadOS 16 users must complete required training.Apple iOS-iPadOS 16 Security Technical Implementation GuideV-257121CAT IIApple iOS/iPadOS 16 must implement the management setting: Encrypt iTunes backups/Encrypt local backup.Apple iOS/iPadOS 16 BYOAD Security Technical Implementation GuideV-257123CAT IiPhone and iPad must have the latest available iOS/iPadOS operating system installed.Apple iOS/iPadOS 16 BYOAD Security Technical Implementation GuideV-257127CAT IIIApple iOS/iPadOS 16 must implement the management setting: force Apple Watch wrist detection.Apple iOS/iPadOS 16 BYOAD Security Technical Implementation GuideV-257128CAT IIApple iOS/iPadOS 16 users must complete required training.Apple iOS/iPadOS 16 BYOAD Security Technical Implementation GuideV-259779CAT IIApple iOS/iPadOS 17 must implement the management setting: Encrypt backups/Encrypt local backup.Apple iOS/iPadOS 17 MDFPP 3.3 BYOAD Security Technical Implementation GuideV-259782CAT IiPhone and iPad must have the latest available iOS/iPadOS operating system installed.Apple iOS/iPadOS 17 MDFPP 3.3 BYOAD Security Technical Implementation GuideV-259786CAT IIIApple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection.Apple iOS/iPadOS 17 MDFPP 3.3 BYOAD Security Technical Implementation GuideV-259787CAT IIApple iOS/iPadOS 17 users must complete required training.Apple iOS/iPadOS 17 MDFPP 3.3 BYOAD Security Technical Implementation GuideV-258340CAT IIIApple iOS/iPadOS 17 must implement the management setting: not allow automatic completion of Safari browser passcodes.Apple iOS/iPadOS 17 Security Technical Implementation GuideV-258341CAT IIApple iOS/iPadOS 17 must implement the management setting: Encrypt backups/Encrypt local backup.Apple iOS/iPadOS 17 Security Technical Implementation GuideV-258342CAT IIIApple iOS/iPadOS 17 must implement the management setting: not allow use of Handoff.Apple iOS/iPadOS 17 Security Technical Implementation GuideV-258343CAT IIIApple iOS/iPadOS 17 must implement the management setting: not allow use of iPhone widgets on Mac.Apple iOS/iPadOS 17 Security Technical Implementation GuideV-258347CAT IiPhone and iPad must have the latest available iOS/iPadOS operating system installed.Apple iOS/iPadOS 17 Security Technical Implementation GuideV-258353CAT IIIApple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection.Apple iOS/iPadOS 17 Security Technical Implementation GuideV-258354CAT IIApple iOS/iPadOS 17 users must complete required training.Apple iOS/iPadOS 17 Security Technical Implementation GuideV-268027CAT IIIApple iOS/iPadOS 18 must implement the management setting: not allow automatic completion of Safari browser passcodes.Apple iOS/iPadOS 18 Security Technical Implementation GuideV-268028CAT IIApple iOS/iPadOS 18 must implement the management setting: encrypt backups/Encrypt local backup.Apple iOS/iPadOS 18 Security Technical Implementation GuideV-268029CAT IIIApple iOS/iPadOS 18 must implement the management setting: not allow use of Handoff.Apple iOS/iPadOS 18 Security Technical Implementation GuideV-268030CAT IIIApple iOS/iPadOS 18 must implement the management setting: not allow use of iPhone widgets on Mac.Apple iOS/iPadOS 18 Security Technical Implementation GuideV-268034CAT IiPhone and iPad must have the latest available iOS/iPadOS operating system installed.Apple iOS/iPadOS 18 Security Technical Implementation GuideV-268040CAT IIIApple iOS/iPadOS 18 must implement the management setting: force Apple Watch wrist detection.Apple iOS/iPadOS 18 Security Technical Implementation GuideV-268041CAT IIApple iOS/iPadOS 18 users must complete required training.Apple iOS/iPadOS 18 Security Technical Implementation GuideV-278787CAT IIIApple iOS/iPadOS 26 must implement the management setting: not allow automatic completion of Safari browser passcodes.Apple iOS/iPadOS 26 Security Technical Implementation GuideV-278788CAT IIApple iOS/iPadOS 26 must implement the management setting: encrypt backups/Encrypt local backup.Apple iOS/iPadOS 26 Security Technical Implementation GuideV-278789CAT IIIApple iOS/iPadOS 26 must implement the management setting: not allow use of Handoff.Apple iOS/iPadOS 26 Security Technical Implementation GuideV-278790CAT IIIApple iOS/iPadOS 26 must implement the management setting: not allow use of iPhone widgets on Mac.Apple iOS/iPadOS 26 Security Technical Implementation GuideV-278793CAT IiPhone and iPad must have the latest available iOS/iPadOS operating system installed.Apple iOS/iPadOS 26 Security Technical Implementation GuideV-278799CAT IIIApple iOS/iPadOS 26 must implement the management setting: force Apple Watch wrist detection.Apple iOS/iPadOS 26 Security Technical Implementation GuideV-278800CAT IIApple iOS/iPadOS 26 users must complete required training.Apple iOS/iPadOS 26 Security Technical Implementation GuideV-252479CAT IIThe macOS system must be configured to disable SMB File Sharing unless it is required.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252480CAT IIThe macOS system must be configured to disable the Network File System (NFS) daemon unless it is required.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252481CAT IIThe macOS system must be configured to disable Location Services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252482CAT IIThe macOS system must be configured to disable Bonjour multicast advertising.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252483CAT IIThe macOS system must be configured to disable the UUCP service.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252484CAT IIThe macOS system must be configured to disable Internet Sharing.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252485CAT IIThe macOS system must be configured to disable Web Sharing.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252486CAT IIIThe macOS system must be configured to disable AirDrop.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252487CAT IIIThe macOS system must be configured to disable the iCloud Calendar services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252488CAT IIIThe macOS system must be configured to disable the iCloud Reminders services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252489CAT IIIThe macOS system must be configured to disable iCloud Address Book services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252490CAT IIIThe macOS system must be configured to disable the Mail iCloud services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252491CAT IIIThe macOS system must be configured to disable the iCloud Notes services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252492CAT IIThe macOS system must cover or disable the built-in or attached camera when not in use.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252493CAT IIThe macOS system must be configured to disable Siri and dictation.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252497CAT IIThe macOS system must be configured to disable the system preference pane for Internet Accounts.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252498CAT IIThe macOS system must be configured to disable the Cloud Setup services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252499CAT IIThe macOS system must be configured to disable the Privacy Setup services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252500CAT IIThe macOS system must be configured to disable the Cloud Storage Setup services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252502CAT IIThe macOS system must be configured to disable the Siri Setup services.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252503CAT IIThe macOS system must disable iCloud Keychain synchronization.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252504CAT IIThe macOS system must disable iCloud document synchronization.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252505CAT IIThe macOS system must disable iCloud bookmark synchronization.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252506CAT IIThe macOS system must disable iCloud photo library.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252508CAT IIThe macOS system must be configured to disable the system preference pane for TouchID.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252509CAT IIThe macOS system must be configured to disable the system preference pane for Wallet and ApplePay.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252510CAT IIThe macOS system must be configured to disable the system preference pane for Siri.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252540CAT IIThe macOS system must be configured to disable prompts to configure Touch ID.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252541CAT IIIThe macOS system must be configured to disable prompts to configure ScreenTime.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252542CAT IIThe macOS system must be configured to disable promts to configure Unlock with Watch.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252543CAT IIIThe macOS system must be configured to prevent activity continuation between Apple Devices.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252544CAT IIThe macOS system must be configured to prevent password proximity sharing requests from nearby Apple Devices.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-252545CAT IIThe macOS system must be configured to prevent users from erasing all system content and settings.Apple macOS 12 (Monterey) Security Technical Implementation GuideV-257185CAT IIThe macOS system must be configured to disable SMB File Sharing unless it is required.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257186CAT IIThe macOS system must be configured to disable the Network File System (NFS) daemon unless it is required.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257187CAT IIThe macOS system must be configured to disable Location Services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257188CAT IIThe macOS system must be configured to disable Bonjour multicast advertising.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257189CAT IIThe macOS system must be configured to disable the UUCP service.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257190CAT IIThe macOS system must be configured to disable Internet Sharing.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257191CAT IIThe macOS system must be configured to disable Web Sharing.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257192CAT IIIThe macOS system must be configured to disable AirDrop.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257193CAT IIIThe macOS system must be configured to disable the iCloud Calendar services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257194CAT IIIThe macOS system must be configured to disable the iCloud Reminders services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257195CAT IIIThe macOS system must be configured to disable iCloud Address Book services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257196CAT IIIThe macOS system must be configured to disable the iCloud Mail services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257197CAT IIIThe macOS system must be configured to disable the iCloud Notes services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257198CAT IIThe macOS system must cover or disable the built-in or attached camera when not in use.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257199CAT IIThe macOS system must be configured to disable Siri and dictation.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257203CAT IIThe macOS system must be configured to disable the system preference pane for Internet Accounts.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257204CAT IIThe macOS system must be configured to disable the Cloud Setup services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257205CAT IIThe macOS system must be configured to disable the Privacy Setup services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257206CAT IIThe macOS system must be configured to disable the Cloud Storage Setup services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257208CAT IIThe macOS system must be configured to disable the Siri Setup services.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257209CAT IIThe macOS system must disable iCloud Keychain synchronization.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257210CAT IIThe macOS system must disable iCloud Document synchronization.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257211CAT IIThe macOS system must disable iCloud Bookmark synchronization.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257212CAT IIThe macOS system must disable the iCloud Photo Library.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257214CAT IIThe macOS system must be configured to disable the system preference pane for TouchID and Password.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257215CAT IIThe macOS system must be configured to disable the system preference pane for Wallet and ApplePay.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257216CAT IIThe macOS system must be configured to disable the system preference pane for Siri.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257246CAT IIThe macOS system must be configured to disable prompts to configure Touch ID.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257247CAT IIIThe macOS system must be configured to disable prompts to configure ScreenTime.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257248CAT IIThe macOS system must be configured to disable prompts to configure Unlock with Watch.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257249CAT IIIThe macOS system must be configured to prevent activity continuation between Apple devices.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257250CAT IIThe macOS system must be configured to prevent password proximity sharing requests from nearby Apple devices.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-257251CAT IIThe macOS system must be configured to prevent users from erasing all system content and settings.Apple macOS 13 (Ventura) Security Technical Implementation GuideV-259480CAT IIThe macOS system must disable Location Services.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259481CAT IIThe macOS system must disable Bonjour multicast.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259483CAT IIThe macOS system must disable Internet Sharing.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259486CAT IIThe macOS system must disable FaceTime.app.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259487CAT IIThe macOS system must disable the iCloud Calendar services.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259488CAT IIThe macOS system must disable iCloud Reminders.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259489CAT IIThe macOS system must disable iCloud Address Book.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259490CAT IIThe macOS system must disable iCloud Mail.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259491CAT IIThe macOS system must disable iCloud Notes.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259492CAT IIThe macOS system must disable the camera.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259493CAT IIThe macOS system must disable Siri.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259496CAT IIThe macOS system must disable Apple ID setup during Setup Assistant.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259497CAT IIThe macOS system must disable Privacy Setup services during Setup Assistant.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259498CAT IIThe macOS system must disable iCloud Storage Setup during Setup Assistant.Apple macOS 14 (Sonoma) Security Technical Implementation GuideV-259500CAT IIThe macOS system must disable Siri Setup during Setup Assistant.Apple macOS 14 (Sonoma) Security Technical Implementation Guide