CIS BenchMark for Monterey #16
Description
I have some confusion regarding this CIS script.
Question #1: can I use one than other like whether REMEDIATED USING CONFIGURATION PROFILES or Script remediation with policy? Or do I have to use both?
Question #2: Getting syntax error for Python command not found for following command
currentUser="$(python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "\n");')"
Question #3: Confused about Script 2_Security_Audit_Compliance.sh script and then that will impact on other as well. So please let me know how can I perform that. Another thing those remediation which I will remediate via Profile do i need to make those organizational value true or false. like
2.1.1 Turn off Bluetooth, if no paired devices exist this one I applied with Custom profile so do I need to set this value True or false.
OrgScore2_1_1="false".
Question #3: When I deployed Custom setting profile then .plist is not updating but that showing it aplied.
Example: 2.10 Enable Secure Keyboard Entry in terminal.app and iTerm 2
Configuration Profile - Custom payload > com.apple.Terminal > SecureKeyboardEntry=true
I used the configuration profile and that is showing secure Keyboard Entry checked when I look from apple menu but that didnot changed on /Users/pcmwksadm/Library/Preferences/com.apple.Terminal.plist key value SecureKeyboardEntry True.