osquery_policy (table) Content
| 01JR04CCS2F1VNZGPZYHNB1EQ8 | Ad tracking is limited (macOS) | SELECT CASE WHEN EXISTS (SELECT 1 FROM managed_policies WHERE domain='com.apple.AdLib' AND name='forceLimitAdTracking' AND value='1' LIMIT 1) THEN 'true' ELSE 'false' END AS policy_result; | Checks that a mobile device management (MDM) solution configures the Mac to limit advertisement tracking. | Pass | Fail | Contact your IT administrator to ensure your Mac is receiving a profile that disables advertisement tracking. | ["macos"] | |||||||||
| 01JR04CCS2MHAR0N92G0FAQ00R | Antivirus healthy (Linux) | SELECT score FROM (SELECT CASE WHEN COUNT(*) = 2 THEN 'true' ELSE 'false' END AS score FROM processes WHERE (name = 'clamd') OR (name = 'freshclam')) WHERE score = 'true'; | Checks that both ClamAV's daemon and its updater service (freshclam) are running. | Pass | Fail | Ensure ClamAV and Freshclam are installed and running. | ["linux","windows","macos"] | |||||||||
| 01JR04CCS2NY0XZPVRS0408FK4 | Antivirus healthy (macOS) | SELECT score FROM (SELECT case when COUNT(*) = 2 then 1 ELSE 0 END AS score FROM plist WHERE (key = 'CFBundleShortVersionString' AND path = '/Library/Apple/System/Library/CoreServices/XProtect.bundle/Contents/Info.plist' AND value>=2162) OR (key = 'CFBundleShortVersionString' AND path = '/Library/Apple/System/Library/CoreServices/MRT.app/Contents/Info.plist' and value>=1.93)) WHERE score == 1; | Checks the version of Malware Removal Tool (MRT) and the built-in macOS AV (Xprotect). Replace version numbers with the latest version regularly. | Pass | Fail | To enable automatic security definition updates, on the failing device, select System Preferences > Software Update > Advanced > Turn on Install system data files and security updates. | ["macos"] | |||||||||
| 01JR04CCS2NVSD8BAZEZPJ921C | Antivirus healthy (Windows) | SELECT 1 from windows_security_center wsc CROSS JOIN windows_security_products wsp WHERE antivirus = 'Good' AND type = 'Antivirus' AND signatures_up_to_date=1; | Checks the status of antivirus and signature updates from the Windows Security Center. | Pass | Fail | Ensure Windows Defender or your third-party antivirus is running, up to date, and visible in the Windows Security Center. | ["windows"] | |||||||||
| 01JR04CCS2BCEK3YW5R4BE61YQ | Automatic installation of application updates is enabled (macOS) | SELECT 1 FROM managed_policies WHERE domain='com.apple.SoftwareUpdate' AND name='AutomaticallyInstallAppUpdates' AND value=1 LIMIT 1; | Checks that a mobile device management (MDM) solution configures the Mac to automatically install updates to App Store applications. | Pass | Fail | Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic installation of application updates. | ["macos"] | |||||||||
| 01JR04CCS2CNZMT5VKME21NXAD | Automatic installation of operating system updates is enabled (macOS) | SELECT 1 FROM managed_policies WHERE domain='com.apple.SoftwareUpdate' AND name='AutomaticallyInstallMacOSUpdates' AND value=1 LIMIT 1; | Checks that a mobile device management (MDM) solution configures the Mac to automatically install operating system updates. | Pass | Fail | Contact your IT administrator to ensure your Mac is receiving a profile that enables automatic installation of operating system updates. | ["macos"] | |||||||||
| 01JR04CCS2A701V6Y57CH90R2Z | Ensure 'Minimum password length' is set to '14 or more characters' | SELECT 1 FROM security_profile_info WHERE minimum_password_length >= 14; | This policy setting determines the least number of characters that make up a password for a user account. | Pass | Fail | Automatic method: Ask your system administrator to establish the recommended configuration via GP, set the following UI path to 14 or more characters 'Computer ConfigurationPoliciesWindows SettingsSecurity SettingsAccount PoliciesPassword PolicyMinimum password length' | ["windows"] |
(Page 1 of 1)