CIS Microsoft Edge L2 v1.1.0

Audit Details

Name: CIS Microsoft Edge L2 v1.1.0

Updated: 1/4/2023

Authority: CIS

Plugin: Windows

Revision: 1.0

Estimated Item Count: 39

File Details

Filename: CIS_Microsoft_Edge_v1.1.0_L2.audit

Size: 80.8 kB

MD5: ae4dcd67b2a26940fa3e4854af86825e
SHA256: c7daa06bb21460320ea4e58c1f995dedcdfec6547faddf5b6344b1066f4391a4

Audit Items

DescriptionCategories
1.3.1 Ensure 'Allow read access via the File System API on these sites' is set to 'Disabled'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.2 Ensure 'Choose whether users can receive customized background images and text, suggestions, notifications, and tips for Microsoft services' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.3.4 Ensure 'Control use of JavaScript JIT' is set to 'Disabled'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.5 Ensure 'Control use of the File System API for reading' is set to 'Enabled: Don't allow any site to request read access to files and directories'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.7 Ensure 'Control use of the Web Bluetooth API' is set to 'Enabled: Do not allow any site to request access to Bluetooth'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.8 Ensure 'Control use of the WebHID API' is set to 'Enabled: Do not allow any site to request access to HID devices via the WebHID API'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.1 Ensure 'Configure extension management settings' is set to 'Enabled: *'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.7.3 Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate'

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.25 Ensure 'Allow features to download assets from the Asset Delivery Service' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.26 Ensure 'Allow file selection dialog' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.35 Ensure 'Allow or block audio capture' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.36 Ensure 'Allow or block video capture' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.37 Ensure 'Allow or deny screen capture' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.41 Ensure 'Allow suggestions from local providers' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.43 Ensure 'Allow unconfigured sites to be reloaded in Internet Explorer mode' is set to 'Disabled'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.45 Ensure 'Allow users to open files using the ClickOnce protocol' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.46 Ensure 'Allow users to open files using the DirectInvoke protocol' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.47 Ensure 'Allow users to proceed from the HTTPS warning page' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.49 Ensure 'AutoLaunch Protocols Component Enabled' is set to 'Disabled'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.51 Ensure 'Block third party cookies' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.53 Ensure 'Browser sign-in settings' is set to 'Enabled: Disable browser sign-in'

CONFIGURATION MANAGEMENT

1.57 Ensure 'Configure Online Text To Speech' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.58 Ensure 'Configure Related Matches in Find on Page' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.59 Ensure 'Configure Speech Recognition' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.66 Ensure 'Control use of the Headless Mode' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.67 Ensure 'Control use of the Serial API' is set to 'Enable: Do not allow any site to request access to serial ports via the Serial API'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.68 Ensure 'Control where security restrictions on insecure origins apply' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.69 Ensure 'Default sensor setting' is set to 'Enabled: Do not allow any site to access sensors'

CONFIGURATION MANAGEMENT

1.81 Ensure 'Enable guest mode' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.86 Ensure 'Enable Search suggestions' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.89 Ensure 'Enable Translate' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.93 Ensure 'Enforce Bing SafeSearch' is set to 'Enabled: Configure moderate search restrictions in Bing'

CONFIGURATION MANAGEMENT

1.94 Ensure 'Enforce Google SafeSearch' is set to 'Enabled'

CONFIGURATION MANAGEMENT

1.98 Ensure 'Let users snip a Math problem and get the solution with a step-by-step explanation in Microsoft Edge' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.104 Ensure 'Shopping in Microsoft Edge Enabled' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.105 Ensure 'Show an 'Always open' checkbox in external protocol dialog' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.106 Ensure 'Show Microsoft Rewards experiences' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.109 Ensure 'Specify if online OCSP/CRL checks are required for local trust anchors' is set to 'Enabled'

CONFIGURATION MANAGEMENT

CIS_Microsoft_Edge_v1.1.0_L2.audit from CIS Microsoft Edge Benchmark