STIG ID: APPL-14-005061 | SRG: SRG-OS-000095-GPOS-00049 | Severity: medium | CCI: | Vulnerability Id: V-259569
Erase Content and Settings must be disabled.
Configure the macOS system to disable Erase Content and Settings by
installing the "com.apple.applicationaccess" configuration profile.
Verify the macOS system is configured to disable Erase Content and Settings with the
following command:
/usr/bin/osascript -l JavaScript << EOS
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess')\
.objectForKey('allowEraseContentAndSettings').js
EOS
If the result is not "false", this is a finding.