Apr 9, 2025 Added- 1.8 (L2) Ensure 'Control SafeSites adult content filtering' is set to 'Enabled: Filter top level sites (but not embedded iframes) for adult content'
- 2.12 (L2) Ensure 'Allow proceeding from the SSL warning page' is set to 'Disabled'
- 2.15 (L2) Ensure 'Force Google SafeSearch' is set to 'Enabled'
- 2.18 (L2) Ensure 'Require online OCSP/CRL checks for local trust anchors' is set to 'Enabled'
- 2.2.2 (L2) Ensure 'Control use of the Web Bluetooth API' is set to 'Enabled: Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API'
- 2.2.3 (L2) Ensure 'Control use of the WebUSB API' is set to 'Enabled: Do not allow any site to request access to USB devices via the WebUSB API'
- 2.2.4 (L2) Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications'
- 2.23 (L2) Ensure 'Determines whether the built-in certificate verifier will enforce constraints encoded into trust anchors loaded from the platform trust store' Is Enabled
- 2.3.4 (L2) Ensure 'Default third-party storage partitioning setting' Is Enabled and Blocked
- 2.3.6 (L2) Ensure 'Control Manifest v2 extension availability' Is Set to Forced Only
- 2.4.1 (L2) Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate'
- 2.5.1 (L2) Ensure 'Configure native messaging blocklist' is set to 'Enabled: *'
- 3.1.1 (L2) Ensure 'Default cookies setting' is set to 'Enabled: Keep cookies for the duration of the session'
- 3.14 (L2) Ensure 'Enable search suggestions' is set to 'Disabled'
- 3.15 (L2) Ensure 'Enable Translate' is set to 'Disabled'
- 3.5 (L2) Ensure 'Browser sign in settings' is set to 'Enabled: Disabled browser sign-in'
- 4.1.1 (L2) Ensure 'Allow or deny screen capture' is set to 'Disabled'
- 4.12 (L2) Ensure 'Allow or deny screen capture' is set to 'Disabled'
- 4.2.1 (L2) Ensure 'Control use of the Serial API' is set to 'Enabled: Do not allow any site to request access to serial ports via the Serial API'
- 4.2.2 (L2) Ensure 'Default Sensors Setting' is set to 'Enabled: Do not allow any site to access sensors'
- 4.2.6 (L2) Ensure 'Default Window Management permissions setting' Is 'Enabled' to 'Deny Permission'
- 4.2.7 (L2) Ensure 'Allow Window Management permission on these sites' Is Configured
- 4.2.8 (L2) Ensure 'Block Window Management permission on these sites' Is Configured
- 4.3 (L2) Ensure 'Allow invocation of file selection dialogs' is set to 'Disabled'
- 4.4 (L2) Ensure 'Allow or deny audio capture' is set to 'Disabled'
- 4.5 (L2) Ensure 'Allow or deny video capture' is set to 'Disabled'
- 4.7 (L2) Ensure 'Controls the mode of DNS-over-HTTPS' is set to 'Enabled: DNS-over-HTTPS without insecure fallback'
- 4.8 (L2) Ensure 'Enable AutoFill for addresses' is set to 'Disabled'
- 5.1 (L2) Ensure 'Enable guest mode in browser' is set to 'Disabled'
- 5.2 (L2) Ensure 'Incognito mode availability' is set to 'Enabled: Incognito mode disabled'
Removed- 1.8 Ensure 'Control SafeSites adult content filtering' is set to 'Enabled: Filter top level sites (but not embedded iframes) for adult content'
- 2.12 Ensure 'Allow proceeding from the SSL warning page' is set to 'Disabled'
- 2.15 Ensure 'Force Google SafeSearch' is set to 'Enabled'
- 2.18 Ensure 'Require online OCSP/CRL checks for local trust anchors' is set to 'Enabled'
- 2.2.2 Ensure 'Control use of the Web Bluetooth API' is set to 'Enabled: Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API'
- 2.2.3 Ensure 'Control use of the WebUSB API' is set to 'Enabled: Do not allow any site to request access to USB devices via the WebUSB API'
- 2.2.4 Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications'
- 2.23 Ensure 'Determines whether the built-in certificate verifier will enforce constraints encoded into trust anchors loaded from the platform trust store' Is Enabled
- 2.3.4 Ensure 'Default third-party storage partitioning setting' Is Enabled and Blocked
- 2.3.6 Ensure 'Control Manifest v2 extension availability' Is Set to Forced Only
- 2.4.1 Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate'
- 2.5.1 Ensure 'Configure native messaging blocklist' is set to 'Enabled: *'
- 3.1.1 Ensure 'Default cookies setting' is set to 'Enabled: Keep cookies for the duration of the session'
- 3.14 Ensure 'Enable search suggestions' is set to 'Disabled'
- 3.15 Ensure 'Enable Translate' is set to 'Disabled'
- 3.5 Ensure 'Browser sign in settings' is set to 'Enabled: Disabled browser sign-in'
- 4.1.1 Ensure 'Allow or deny screen capture' is set to 'Disabled'
- 4.12 Ensure 'Allow or deny screen capture' is set to 'Disabled'
- 4.2.1 Ensure 'Control use of the Serial API' is set to 'Enabled: Do not allow any site to request access to serial ports via the Serial API'
- 4.2.2 Ensure 'Default Sensors Setting' is set to 'Enabled: Do not allow any site to access sensors'
- 4.2.6 Ensure 'Default Window Management permissions setting' Is 'Enabled' to 'Deny Permission'
- 4.2.7 Ensure 'Allow Window Management permission on these sites' Is Configured
- 4.2.8 Ensure 'Block Window Management permission on these sites' Is Configured
- 4.3 Ensure 'Allow invocation of file selection dialogs' is set to 'Disabled'
- 4.4 Ensure 'Allow or deny audio capture' is set to 'Disabled'
- 4.5 Ensure 'Allow or deny video capture' is set to 'Disabled'
- 4.7 Ensure 'Controls the mode of DNS-over-HTTPS' is set to 'Enabled: DNS-over-HTTPS without insecure fallback'
- 4.8 Ensure 'Enable AutoFill for addresses' is set to 'Disabled'
- 5.1 Ensure 'Enable guest mode in browser' is set to 'Disabled'
- 5.2 Ensure 'Incognito mode availability' is set to 'Enabled: Incognito mode disabled'
|
Jan 6, 2025 Miscellaneous- Metadata updated.
- References updated.
|
Jun 17, 2024 |
