| 2.1.1 (L2) Ensure 'Allow or deny screen capture' is set to 'Disabled' | CONFIGURATION MANAGEMENT |
| 2.2.4 (L2) Ensure 'Default cookies setting' is set to 'Enabled: Keep cookies for the duration of the session' | CONFIGURATION MANAGEMENT |
| 2.2.5 (L2) Ensure 'Control use of the File System API for reading' is set to 'Enabled: Do not allow any site to request read access to files and directories via the File System API' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.8 (L2) Ensure 'Control use of JavaScript JIT' is set to 'Enabled: Do not allow any site to run JavaScript JIT' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.9 (L2) Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications' | CONFIGURATION MANAGEMENT |
| 2.2.10 (L2) Ensure 'Default Sensors Setting' is set to 'Enabled: Do not allow any site to access sensors' | CONFIGURATION MANAGEMENT |
| 2.2.11 (L2) Ensure 'Control use of the Serial API' is set to 'Enabled: Do not allow any site to request access to serial ports via the Serial API' | CONFIGURATION MANAGEMENT |
| 2.2.13 (L2) Ensure 'Control use of the Web Bluetooth API' is set to 'Enabled: Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.14 (L2) Ensure 'Control use of the WebHID API' is set to 'Enabled: Do not allow any site to request access to HID devices via the WebHID API' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.15 (L2) Ensure 'Control use of the WebUSB API' is set to 'Enabled: Do not allow any site to request access to USB devices via the WebUSB API' | CONFIGURATION MANAGEMENT |
| 2.2.16 (L2) Ensure 'Default Window Management permissions setting' Is 'Enabled' to 'Deny Permission' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.17 (L2) Ensure 'Allow read access via the File System API on these sites' is set to 'Disabled' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.19 (L2) Ensure 'Block Window Management permission on these sites' Is Configured | ACCESS CONTROL |
| 2.2.20 (L2) Ensure 'Allow Window Management permission on these sites' Is Configured | ACCESS CONTROL |
| 2.3.4 (L2) Ensure 'Control Manifest v2 extension availability' Is Set to Forced Only | RISK ASSESSMENT |
| 2.3.5 (L2) Ensure 'Extension management settings' is set to 'Enabled: *' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.2 (L2) Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate' | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8.1 (L2) Ensure 'Configure native messaging blocklist' is set to 'Enabled: *' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.16 (L2) Ensure 'Enable additional protections for users enrolled in the Advanced Protection program' Is Set to 'Enabled' | ACCESS CONTROL |
| 2.18 (L2) Ensure 'Allow invocation of file selection dialogs' is set to 'Disabled' | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.21 (L2) Ensure 'Allow or deny audio capture' is set to 'Disabled' | SYSTEM AND INFORMATION INTEGRITY |
| 2.23 (L2) Ensure 'Enable AutoFill for addresses' is set to 'Disabled' | SYSTEM AND INFORMATION INTEGRITY |
| 2.27 (L2) Ensure 'Enable guest mode in browser' is set to 'Disabled' | SYSTEM AND INFORMATION INTEGRITY |
| 2.29 (L2) Ensure 'Browser sign in settings' is set to 'Enabled: Disabled browser sign-in' | SYSTEM AND INFORMATION INTEGRITY |
| 2.38 (L2) Ensure 'Controls the mode of DNS-over-HTTPS' is set to 'Enabled: DNS-over-HTTPS without insecure fallback' | ACCESS CONTROL, AWARENESS AND TRAINING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.45 (L2) Ensure 'Show an 'Always open' checkbox in external protocol dialog' is set to 'Disabled' | CONFIGURATION MANAGEMENT |
| 2.48 (L2) Ensure 'Force Google SafeSearch' is set to 'Enabled' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.70 (L2) Ensure 'Require online OCSP/CRL checks for local trust anchors' is set to 'Enabled' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.71 (L2) Ensure 'Allow proceeding from the SSL warning page' is set to 'Disabled' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.73 (L2) Ensure 'Control SafeSites adult content filtering' is set to 'Enabled: Filter top level sites (but not embedded iframes) for adult content' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.75 (L2) Ensure 'Enable search suggestions' is set to 'Disabled' | SYSTEM AND INFORMATION INTEGRITY |
| 2.83 (L2) Ensure 'Enable Translate' is set to 'Disabled' | SYSTEM AND INFORMATION INTEGRITY |
| 2.86 (L2) Ensure 'Allow or deny video capture' is set to 'Disabled' | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Google_Chrome_Group_Policy_v1.0.0_L2.audit from CIS Google Chrome Group Policy Benchmark v1.0.0 | |
