Macintosh OS X Workstation STIG, V1R1
DISA Field Security Operations
15 June 2004
Developed by DISA for the DOD
The use of the principles and guidelines in this STIG will provide an environment that meets or
exceeds the security requirements of DOD systems operating at the MAC II Sensitive level,
containing unclassified but sensitive information.
1.3 Scope
This document applies to all DOD administered or managed Macintosh systems. The
requirements set forth in this document are designed to assist Information Systems Security
Officers (IAOs) and System Administrators (SAs) in support of protecting DOD network
infrastructures and resources.
It is important to note that even though Mac OS X is based on BSD UNIX and all UNIX
systems share common characteristics, each implements features differently. They do not all
implement the same features, and they use different methods for implementing some of the same
features. This document is limited to the Mac OS X 10.2 system, although additional system
support will be included as necessary.
1.4 Writing Conventions
Throughout this document, statements are written using words such as "will" and "should". The
following paragraphs are intended to clarify how these STIG statements are to be interpreted.
A reference that uses "will" implies mandatory compliance. All requirements of this kind will
also be documented in the italicized policy statements in bullet format, which follow the topic
paragraph. This will make all "will" statements easier to locate and interpret from the context of
the topic. The IAO will adhere to the instruction as written. Only an extension issued by the
Designated Approving Authority (DAA) will table this requirement. The extension will
normally have an expiration date, and does not relieve the IAO from continuing their efforts to
satisfy the requirement.
A reference to "should" is considered a recommendation that further enhances the security
posture of the site. These recommended actions will be documented in the text paragraphs but
not in the italicized policy bullets. Nevertheless, all reasonable attempts to meet this criterion
will be made.
For each italicized policy bullet, the text will be preceded by parentheses containing the
italicized Short Description Identifier (SDID), which corresponds to an item on the checklist and
the severity code of the bulleted item. An example of this will be as follows: "(G111: CAT II)."
If the item presently has no Potential Discrepancy Item (PDI), or the PDI is being developed, it
will contain a preliminary severity code and "N/A" for the SDID (i.e., "[N/A: CAT III]").
1.5 STIG Distribution
Parties within the DOD and Federal Government's computing environments can obtain the
applicable STIG from the Information Assurance Support Environment (IASE) web site. This
site contains the latest copies of any STIG, as well as checklists, scripts, and other related
security information.
UNCLASSIFIED