The macOS Application Firewall must be enabled.

STIG ID: APPL-13-005050  |  SRG: SRG-OS-000480-GPOS-00232 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-257242

Vulnerability Discussion

Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.

Check

Verify the macOS system is configured to enable the built-in firewall with the following command:

/usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep "EnableFirewall\|EnableStealthMode"

EnableFirewall = 1;
EnableStealthMode = 1;

If "EnableFirewall" and "EnableStealthMode" are not set to "1", this is a finding.

Fix

Configure the macOS system to enable the built-in firewall by installing the "Restrictions Policy" configuration profile.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.