DOCSLIB.ORG

Apple Inc. Apple Macos Catalina 10.15 Common Criteria Configuration Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Apple Inc. Apple Macos Catalina 10.15 Common Criteria Configuration Guide Apple Inc. Apple macOS Catalina 10.15 Common Criteria Configuration Guide September 18, 2020 v1.7 Prepared By: Acumen Security 2400 Research Blvd Suite 395 Rockville, MD, 20850 www.acumensecurity.net Prepared for: Apple Inc. One Apple Park Way MS 927-1CPS Cupertino, CA-95014 www.apple.com © 2020 Apple Inc., All rights reserved. This document may be reproduced and distributed only in its original entirety without revision. 1 Table of Contents 1. Purpose of this document ..................................................................................................................... 5 1.1. TOE Overview ................................................................................................................................. 5 1.2. TOE Description .............................................................................................................................. 5 1.3. Assumptions ................................................................................................................................... 7 1.4. TOE Delivery ................................................................................................................................... 7 2. TOE Self Tests ......................................................................................................................................... 8 2.1. Cryptographic Module Tests .......................................................................................................... 8 2.2. Cryptographic Algorithm Tests ....................................................................................................... 8 2.2. Software/Firmware Integrity Tests ................................................................................................ 9 2.3. Critical Function Tests .................................................................................................................... 9 3. Prerequisites for Installation ................................................................................................................. 9 3.1. Disable Excluded Functionality ....................................................................................................... 9 3.2. TOE Management Functions ........................................................................................................ 11 4. Installation of the Apple macOS Catalina 10.15 .................................................................................. 21 4.1. Clean Installation steps for the TOE ............................................................................................. 22 4.1.1. Install the TOE from Apple website ..................................................................................... 22 4.1.2. Reinstall the TOE .................................................................................................................. 22 5. Check Software Updates ...................................................................................................................... 22 6. Installing Updates ................................................................................................................................ 23 6.1. Installing OS updates .................................................................................................................... 23 6.2. Installing Software Application Updates ...................................................................................... 26 7. TOE Startup Security Utility ................................................................................................................. 28 7.1. Mac startup key combinations: .................................................................................................... 30 7.1.1. If a key combination doesn't work ....................................................................................... 30 8. Configuring TLS .................................................................................................................................... 31 8.1 Configure TOE for TLS Mutual Authentication .................................................................................. 34 9. TOE Cryptographic Operation – Hashing, Encryption and Decryption ................................................ 34 10. Buffer Overflow Protections ................................................................................................................ 35 11. Creating User Accounts ....................................................................................................................... 35 11.1. Locking an Account ...................................................................................................................... 38 11.2. Creating Groups ........................................................................................................................... 39 11.3. Modifying or Deleting Groups ...................................................................................................... 40 11.4. Changing User Passwords ............................................................................................................ 41 12. Password Policy ................................................................................................................................... 42 13. Setting System Date and Time ............................................................................................................. 45 13.1. Change System Date and Time:.................................................................................................... 45 14. Auditing ................................................................................................................................................ 48 14.1. Command Line Programs ............................................................................................................. 50 14.1.1. audit ..................................................................................................................................... 50 14.1.2. auditreduce .......................................................................................................................... 51 14.1.3. praudit .................................................................................................................................. 53 © 2020 Apple Inc., All rights reserved. This document may be reproduced and distributed only in its original entirety without revision. 2 14.1.4. Managing audit log files ....................................................................................................... 53 14.1.5. Deleting audit records.......................................................................................................... 54 14.2. Audit Control Files ........................................................................................................................ 54 14.2.1. audit_class ........................................................................................................................... 54 14.3. audit_control ................................................................................................................................ 55 14.3.1. Audit Flags ............................................................................................................................ 56 14.3.2. Default.................................................................................................................................. 57 14.4. audit_event .................................................................................................................................. 57 14.5. audit_user .................................................................................................................................... 57 14.6. audit_warn ................................................................................................................................... 58 14.7. Audit Log Files .............................................................................................................................. 58 14.8. Configure the address of remote audit server to which to send audit records ........................... 58 15. Reference Identifiers ........................................................................................................................... 59 16. Access Control Policy ........................................................................................................................... 59 17. Warning Banner ................................................................................................................................... 61 18. Authorization Factors .......................................................................................................................... 62 18.1 Smart Card Registration ................................................................................................................... 63 18.2 Smart Card Authentication .............................................................................................................. 65 19. Key Destruction .................................................................................................................................... 66 20. Validation of Cryptographic Elements ................................................................................................. 66 21. Enable Full Disk Encryption .................................................................................................................
Load more

Recommended publications
  • Switch 4.5.6 Release Notes
    Switch 4.5.6 Release Notes Switch™ Telestream® Switch is an award-winning cross platform media player, inspector, and correction tool for professionals. Switch comes in three versions: Switch Player ($9.99), Switch Plus ($199), and Switch Pro ($499). Switch Player is a robust multi-format media player with deep inspection capabilities. The media player supports high-quality playback for Windows Media, MXF, GXF, MPS, MTS, MOV, MP4, LXF and more. The inspector displays media properties including audio channels, aspect ratio, bitrate, encoding formats and more. In Switch Player, export is only supported when converting Windows Media content to H264 in the MP4 container. Exports using other combinations of source and output formats are watermarked or limited to 30 seconds/half the duration of the media file. Switch Plus is perfect for video editors and post-production professionals. Plus adds support for embedded caption playback and subtitle files; professional audio meters; export to MP4, QuickTime MOV, MXF (OP-1a and OP-Atom), and MPEG-2 Program Streams and Transport Streams; publish to Vimeo, YouTube and Facebook; as well as additional playback support for HEVC, DNxHD, DNxHR, JPEG-2000, and AC-3 audio. Switch Pro is designed for Broadcast and Media QC analysis professionals. Pro extends the professional Audio Meters (included in Plus) to include a loudness panel with options to calculate loudness gated (BS1770-3) or un-gated (BS1770-2); as well as deeper inspection of application specific metadata (e.g., AS-11 with DPP metadata). Switch Pro also includes visual representation of the video’s GOP structure; an interlacing option to display fields, and a Compare Alternate Media feature to easily check multiple adaptive bitrate files in ABR workflows for easy comparison of multi-format media.
    [Show full text]
  • How to Downgrade Macos Catalina (10.15) to Macos Mojave (10.14) on a Mac Mini (2018)
    ToolsOnAir Hardware Tech Note How to downgrade macOS Catalina (10.15) to macOS Mojave (10.14) on a Mac mini (2018). Tech Note: 20200518 - Release Date: 18/05/20 Preamble: This Tech Note, provided as is, describes the procedure to downgrade a qualified Mac mini running macOS Catalina (10.15.x) to macOS Mojave (10.14) and will guide you through the process in few easy steps, so that you can start using our playout solutions on newer hardware from Apple that comes with macOS Catalina preinstalled. Related Playout Solutions: • just:play v.2.5 - 2.7 • just:live v.2.5 - 2.7 • composition:builder v.4.0 Specific Apple hardware discussed in this Tech Note: • Mac mini 2018 (Macmini8,1) STEP 1: How to download the official macOS Mojave installer Download an official macOS Mojave (10.14) from Apple’s support site by following this link: https://itunes.apple.com/de/app/macos-mojave/id1398502828?ls=1&mt=12 ClicK on “Get” to initiate the download process. The “Software Update” panel from the macOS “System Preferences” will open showing the latest version of macOS Mojave. Confirm that you want to download the software by clicking on “Download”. The download might taKe some time depending on your internet connection. Once the download is completed, quit the macOS Mojave installer (“Applications” folder) and proceed to the next step. Information contained in this document is provided without liability for information purposes only and is subject to change without notice. © 2020 ToolsOnAir - Broadcast Engineering GmbH. All trademarks and registered trademarks are the property of their respective owners.
    [Show full text]
  • Mac OS X: an Introduction for Support Providers
    Mac OS X: An Introduction for Support Providers Course Information Purpose of Course Mac OS X is the next-generation Macintosh operating system, utilizing a highly robust UNIX core with a brand new simplified user experience. It is the first successful attempt to provide a fully-functional graphical user experience in such an implementation without requiring the user to know or understand UNIX. This course is designed to provide a theoretical foundation for support providers seeking to provide user support for Mac OS X. It assumes the student has performed this role for Mac OS 9, and seeks to ground the student in Mac OS X using Mac OS 9 terms and concepts. Author: Robert Dorsett, manager, AppleCare Product Training & Readiness. Module Length: 2 hours Audience: Phone support, Apple Solutions Experts, Service Providers. Prerequisites: Experience supporting Mac OS 9 Course map: Operating Systems 101 Mac OS 9 and Cooperative Multitasking Mac OS X: Pre-emptive Multitasking and Protected Memory. Mac OS X: Symmetric Multiprocessing Components of Mac OS X The Layered Approach Darwin Core Services Graphics Services Application Environments Aqua Useful Mac OS X Jargon Bundles Frameworks Umbrella Frameworks Mac OS X Installation Initialization Options Installation Options Version 1.0 Copyright © 2001 by Apple Computer, Inc. All Rights Reserved. 1 Startup Keys Mac OS X Setup Assistant Mac OS 9 and Classic Standard Directory Names Quick Answers: Where do my __________ go? More Directory Names A Word on Paths Security UNIX and security Multiple user implementation Root Old Stuff in New Terms INITs in Mac OS X Fonts FKEYs Printing from Mac OS X Disk First Aid and Drive Setup Startup Items Mac OS 9 Control Panels and Functionality mapped to Mac OS X New Stuff to Check Out Review Questions Review Answers Further Reading Change history: 3/19/01: Removed comment about UFS volumes not being selectable by Startup Disk.
    [Show full text]
  • Running EDIUS 7 on an Apple Mac Computer Under Boot Camp Steve Leeflang March 2015 APPLICATION NOTE RUNNING EDIUS 7 on an APPLE MAC COMPUTER UNDER BOOT CAMP
    Running EDIUS 7 on an Apple Mac Computer under Boot Camp Steve Leeflang March 2015 APPLICATION NOTE RUNNING EDIUS 7 ON AN APPLE MAC COMPUTER UNDER BOOT CAMP Installing Boot Camp pple’s free Boot Camp utility permits installation of Microsoft’s Windows 7 or 8 64-bit operating system just as if it were being installed normally on other types of PCs. When running Windows under Boot Camp the user has access to all editing hardware and software, A including the Grass Valley, a Belden Brand, EDIUS nonlinear editing program. Important Note: Please refer to Apple’s website to find out which version of Boot Camp and Windows are supported on your Mac. https://support.apple.com/en-us/HT204048 Before starting the installation, check for updates for the Mac. Go to the Apple Menu > Updates and in- stall all available updates. Installation: In OS X, launch the Boot Camp Assistant (from the “other” folder in Launch Pad). Next, create a partition. Create a second partition for Windows. www.grassvalley.com 2 APPLICATION NOTE RUNNING EDIUS 7 ON AN APPLE MAC COMPUTER UNDER BOOT CAMP Installing Boot Camp (Cont.) The user then decides how much space they want to allocate to Windows. EDIUS, with all its third-party applica- tions, requires around 6 GB of hard disk space for installation. Depending on the available free disk space, it is a good idea to have at least 20 to 32 GB for the Windows partition. (A second disk can be chosen especially for Windows.) To change the allocated space for the Windows partition, click the small divider between Mac OS X and Windows, and drag it to the left.
    [Show full text]
  • Apple Music & Beyond
    EBOOK EXTRAS: v1.2 Downloads, Updates, Feedback TAKE CONTROL OF macOS MEDIA APPS Apple Music & Beyond Manage your audio and video content in the Music, Podcasts, TV, and Books apps for macOS by KIRK McELHEARN $14.99 Click here to buy the full 237-page “Take Control of macOS Media Apps” for only $14.99! Table of Contents Read Me First ............................................................... 5 Updates and More ............................................................. 5 What’s New in Version 1.2 .................................................. 6 A Note on Terminology ....................................................... 7 Introduction ................................................................ 9 Quick Start ................................................................ 11 A Brief Introduction to Apple’s Media Apps ................ 13 Play Music ................................................................. 15 Play Your Music ............................................................... 15 Control Music with the MiniPlayer ....................................... 22 View Lyrics for Your Songs ................................................ 25 Use the Full Screen Player ................................................ 27 Get Notifications as Your Music Changes ............................. 29 Search for Music .............................................................. 31 Let Genius Choose What to Play ........................................ 33 Use Playing Next to View and Manage a Music Queue ........... 38 Make
    [Show full text]
  • Apple Remote Desktop Administrator's Guide
    Apple Remote Desktop Administrator’s Guide Version 3 K Apple Computer, Inc. © 2006 Apple Computer, Inc. All rights reserved. The owner or authorized user of a valid copy of Apple Remote Desktop software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid for support services. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AirPort, AppleScript, AppleTalk, AppleWorks, FireWire, iBook, iMac, iSight, Keychain, Mac, Macintosh, Mac OS, PowerBook, QuickTime, and Xserve are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. Apple Remote Desktop, Bonjour, eMac, Finder, iCal, and Safari are trademarks of Apple Computer, Inc. Adobe and Acrobat are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. 019-0629/02-28-06 3 Contents Preface 9 About This Book 10 Using This Guide 10 Remote Desktop Help 10 Notation
    [Show full text]
  • High Sierra Image File Download Gdrive Medium.Go-To-App.Com
    high sierra image file download gdrive medium.go-to-app.com. MacOS High Sierra ISO 10.13.6 (Torrent) – Here is the macOS High Sierra ISO file in Torrent. Click on the link and download it straightly. Once that’s with you, proceed with the installation. No need to take the backup of your files and documents beacuse there’s no risk in it at all. For the strongest security and latest features, find out whether you can upgrade to macOS Catalina, the latest version of the Mac operating system. If you still need macOS Sierra, use this link: Download macOS Sierra. A file named InstallOS.dmg will download to your Mac. Download macOS High Sierra ISO VMDK DMG file (Google drive) One full; macOS High Sierra Image file free download; Install macOS High Sierra on VirtualBox. When you’ve downloaded the file, extract them and you’re prepared to begin with the installation. The content goes to Apple. Enjoy the operating system! (Installs VMWare Workstation 14.0 only). The macOS Mojave was the fifteenth release from Apple for their macOS family and was made available to the public on the 24th of September in 2018. The macOS Mojave 10.14.1 (the updated version) was released on the 30th of October of the same year with a couple of new updates. Download Mac Os High Sierra Iso File Download. It succeeded Mac OS High Sierra 10.13 which was released on the 25th of September in 2017 and was preceded by the macOS Catalina 10.15 which was released on the 7th of October in 2019.
    [Show full text]
  • Welcome to Mac OS X 2 Installing Mac OS X
    Welcome to Mac OS X 2 Installing Mac OS X 4 Aqua 6 The Dock 8 The Finder Welcome to Mac OS X, the world’s most advanced 10 Customization operating system. 12 Applications This book helps you start 14 Classic using Mac OS X. 16 Users First install the software, 18 Changing Settings then discover how easy 20 Getting Connected it is to use. 22 iTools 24 Using Mail 26 Printing 28 Troubleshooting 1 Step 1: Upgrade to Mac OS 9.1 using the CD included with Mac OS X If your computer already has Mac OS 9.1 installed, you can skip this step. Installing Step 2: Get information you need to set up Mac OS X To use your current iTools account, have your member name and password available. To use your current network settings, look in these Mac OS 9.1 control panels. Settings In Mac OS 9 TCP/IP TCP/IP control panel Internet and mail Internet control panel Dial-up connection (PPP) Remote Access and Modem control panels If you can’t find this information, look in the applications you use to get email or browse the Web. If you don’t know the information, contact your Internet service provider or system administrator. Step 3: Decide where you want to install Mac OS X On the same disk Install Mac OS X on the same disk or disk partition as Mac OS 9. ‚ Do not format the disk. Or a different disk Install Mac OS X on a different disk or disk partition from Mac OS 9.
    [Show full text]
  • Using Windows XP and File Management
    C&NS Winter ’08 Faculty Computer Training Using and Maintaining your Mac Table of Contents Introduction to the Mac....................................................................................................... 1 Introduction to Apple OS X (Tiger).................................................................................... 2 Accessing Microsoft Windows if you have it installed .................................................. 2 The OS X Interface ............................................................................................................. 2 Tools for accessing items on your computer .................................................................. 3 Menus.............................................................................................................................. 7 Using Windows............................................................................................................... 8 The Dock....................................................................................................................... 10 Using Mac OS X............................................................................................................... 11 Hard Drive Organization............................................................................................... 11 Folder and File Creation, Managing, and Organization ............................................... 12 Opening and Working with Applications ..................................................................... 15 Creating and
    [Show full text]
  • Mac Os Versions in Order
    Mac Os Versions In Order Is Kirby separable or unconscious when unpins some kans sectionalise rightwards? Galeate and represented Meyer videotapes her altissimo booby-trapped or hunts electrometrically. Sander remains single-tax: she miscalculated her throe window-shopped too epexegetically? Fixed with security update it from the update the meeting with an infected with machine, keep your mac close pages with? Checking in macs being selected text messages, version of all sizes trust us, now became an easy unsubscribe links. Super user in os version number, smartphones that it is there were locked. Safe Recover-only Functionality for Lost Deleted Inaccessible Mac Files Download Now Lost grate on Mac Don't Panic Recover Your Mac FilesPhotosVideoMusic in 3 Steps. Flex your mac versions; it will factory reset will now allow users and usb drive not lower the macs. Why we continue work in mac version of the factory. More secure your mac os are subject is in os x does not apply video off by providing much more transparent and the fields below. Receive a deep dive into the plain screen with the technology tally your search. MacOS Big Sur A nutrition sheet TechRepublic. Safari was in order to. Where can be quit it straight from the order to everyone, which can we recommend it so we come with? MacOS Release Dates Features Updates AppleInsider. It in order of a version of what to safari when using an ssd and cookies to alter the mac versions. List of macOS version names OS X 10 beta Kodiak 13 September 2000 OS X 100 Cheetah 24 March 2001 OS X 101 Puma 25.
    [Show full text]
  • Macos Mojave & Catalina Instructions
    How to install iReceiptMail: 1. Drag and drop iReceiptMail into the Applications folder 2. Open Apple Mail & iReceiptMail and follow the installation instructions on screen The following extra steps are necessary to fully activate iReceiptMail on macOS Mojave (10.14) or more recent versions of macOS: 3. After iReceiptMail is up and running, open System Preferences from the Dock 4. Open the Security & Privacy pane 5. Click on the Privacy tab then select Full Disk Access from the list on the left 6. Unlock the window to make changes using the padlock at the bottom 7. Click on + and select iReceiptMail from the list of applications, then press Open 8. Restart Mail and iReceiptMail, done!!! If you are using macOS Catalina (10.15) or more recent versions of macOS, you also need to install the latest update and set up the default email account for read receipt requests, as follows: 1. Open iReceiptMail Preferences 2. Type your full name and email address as shown below 3. Done!!! How to install iReceiptMail: 1. Drag and drop iReceiptMail into the Applications folder 2. Open Apple Mail & iReceiptMail and follow the installation instructions on screen The following extra steps are necessary to fully activate iReceiptMail on macOS Mojave (10.14) or more recent versions of macOS: 3. After iReceiptMail is up and running, open System Preferences from the Dock 4. Open the Security & Privacy pane 5. Click on the Privacy tab then select Full Disk Access from the list on the left 6. Unlock the window to make changes using the padlock at the bottom 7.
    [Show full text]
  • Macos Catalina (Version 10.15) Is Only Compatible with Examplify Version 2.0.6 Or Higher (Released on 10/14/19 Or Later)
    ExamSoft Minimum System Requirements for Windows Operating System: 32-bit and 64-bit Versions of Windows 10. Alternate versions of Windows 10, such as Windows RT and Windows 10 S, are NOT supported at this time. Only genuine versions of Windows Operating Systems are supported. The English (United States) Language Pack must be installed ExamSoft does not support Tablet devices other than Surface Pro as detailed below CPU Processor: 2.0 ghz Intel i3 processor or equivalent RAM: 4GB or higher Hard Drive: highest recommended for the operating system or 1GB of available space. For onsite support, and in order to backup the answer files to USB, a working USB port is required (Newer devices may require an adaptor) For technical troubleshooting, account passwords, including BitLocker keys, may be required. Internet connection for Download, Registration, Exam Download and Upload. Examplify cannot be run within virtualized environments or environments that require persistent network (local or otherwise) connections during secure exams. This includes, but is not limited to, VMWare, Parallels, Citrix workspace, Virtual Disks, Streamed images, etc. Screen Resolution should be at least 1024x768 or higher. If your institution does not allow the use of Microsoft Surface devices, Surface Pro and Surface Books are NOT permitted. Surface laptops that come with non-detachable keyboards are permitted. Non-Pro Surface devices are not supported for ANY institution. The following requirements apply for exams with ExamID or ExamMonitor enabled Examplify version 2.3.2 or greater Hard Drive: 2GB or higher available space RAM: 8GB or higher recommended; 4GB required Webcam (no virtual cameras or phones as cameras) Microphone (no headphones, no virtual mics) Internet: 2Mpbs upload speed You may not use any virtual camera software with ExamID or ExamMonitor.
    [Show full text]