U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CIS Mac OSX 10.5 (Leopard) Benchmark v1.1.0 Checklist Details (Checklist Revisions)

Supporting Resources:


Target CPE Name
Apple Mac OS X 10.5 cpe:/o:apple:mac_os_x:10.5 (View CVEs)

Checklist Highlights

Checklist Name:
CIS Mac OSX 10.5 (Leopard) Benchmark
Checklist ID:
Review Status:
Third Party: Center for Internet Security (CIS)
Original Publication Date:

Checklist Summary:

Mac OS X 10.5 Leopard1 is a UNIX2 operating system sold by Apple, Inc. that only runs on Apple Macintosh hardware. Leopard comes with equipped with a number of applications and features. This document provides prescriptive guidance for securing the Leopard operating system, along with its applications and features, in accordance with best practice. However, several optional applications and features offered by Leopard, including iCal, iChat, iTunes, Mail, the Oxford dictionaries, Safari, X11, and printer drivers, will not be discussed.

Checklist Role:

  • Desktop Operating System

Known Issues:

Not provided.

Target Audience:

This benchmark provides recommendations on security for users of Mac OS X 10.5 Leopard. The recommendations are aimed at general-purpose Mac OS X systems used by individuals and by enterprise users. This document does not apply to users of Mac OS X Server or special purpose configurations.

Target Operational Environment:

  • Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.


It is assumed that the reader is versed in performing administrative configuration changes to the Leopard operating system. Additionally, recommendations articulated within this document are intended to align with the Tiger Apple/NSA Guidelines with respect to content and detail, where applicable.


CIS makes no representations, warranties, or covenants whatsoever as to (i) the positive or negative effect of the Products or the Recommendations on the operation or the security of any particular network, computer system, network device, software, hardware, or any component of any of the foregoing or (ii) the accuracy, reliability, timeliness, or completeness of the Products or the Recommendations. CIS is providing the Products and the Recommendations as is and as available without representations, warranties, or covenants of any kind.

Product Support:

Not provided.

Point of Contact:



Not provided.


Not provided.

Change History:

05-09-2008-Public Release
12-29-2010-Version 1.1.0
updated URLs - 7/23/19
Archive - 8/31/23


URL Description


Reference URL Description

NIST checklist record last modified on 08/31/2023