The OS X system must be configured with Wi-Fi support software disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-75967 | AOSX-12-000070 | SV-90655r1_rule | Medium |
| Description |
|---|
| Use of Wi-Fi to connect to unauthorized networks may facilitate the exfiltration of mission data. Satisfies: SRG-OS-000300-GPOS-00118, SRG-OS-000480-GPOS-00227 |
| STIG | Date |
|---|---|
| Apple OS X 10.12 Security Technical Implementation Guide | 2018-12-24 |
Details
| Check Text ( C-75651r1_chk ) |
|---|
| If the system requires Wi-Fi to connect to an authorized network, this is not applicable. To check if the Wi-Fi network device is disabled, run the following command: /usr/bin/sudo /usr/sbin/networksetup -listallnetworkservices A disabled device will have an asterisk in front of its name. If the Wi-Fi device is missing this asterisk, this is a finding. |
| Fix Text (F-82605r1_fix) |
|---|
| To disable the Wi-Fi network device, run the following command: /usr/bin/sudo /usr/sbin/networksetup -setnetworkserviceenabled "Wi-Fi" off |