STIG ID: APPL-14-005070 | SRG: SRG-OS-000080-GPOS-00048 | Severity: medium | CCI: | Vulnerability Id: V-259570
Authenticated Root must be enabled.
When Authenticated Root is enabled the macOS is booted from a signed volume that is cryptographically protected to prevent tampering with the system volume.
Note: Authenticated Root is enabled by default on macOS systems.
WARNING: If more than one partition with macOS is detected, the csrutil command will hang awaiting input.
Configure the macOS system to enable authenticated root with the following command:
/usr/bin/csrutil authenticated-root enable
Note: To reenable "Authenticated Root", boot the affected system into "Recovery" mode, launch "Terminal" from the "Utilities" menu, and run the command.
Verify the macOS system is configured to enable authenticated root with the following command:
/usr/bin/csrutil authenticated-root | /usr/bin/grep -c 'enabled'
If the result is not "1", this is a finding.