STIG ID: APPL-14-002220 | SRG: SRG-OS-000095-GPOS-00049 | Severity: medium | CCI: | Vulnerability Id: V-259530
Dictation must be restricted to on device only to prevent potential data exfiltration.
The information system must be configured to provide only essential capabilities.
Configure the macOS system to enforce on device dictation by installing the "com.apple.applicationaccess" configuration profile.
For Intel-based systems, this is not applicable.
Verify the macOS system is configured to enforce on device dictation with the following command:
/usr/bin/osascript -l JavaScript << EOS
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess')\
.objectForKey('forceOnDeviceOnlyDictation').js
EOS
If the result is not "true", this is a finding.