CIS Microsoft Edge v3.0.0 L1

Audit Details

Name: CIS Microsoft Edge v3.0.0 L1

Updated: 1/6/2025

Authority: CIS

Plugin: Windows

Revision: 1.1

Estimated Item Count: 102

File Details

Filename: CIS_Microsoft_Edge_v3.0.0_L1.audit

Size: 196 kB

MD5: 3eea584c3838541c09285bca480e2e32
SHA256: c495d3b722ec8805795e66e8be4f6cb72922ba376c3a48e095f447105e15c198

Audit Items

DescriptionCategories
1.2.1 (L1) Ensure 'Enable Google Cast' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.3.2 (L1) Ensure 'Control use of insecure content exceptions' is set to 'Enabled: Do not allow any site to load mixed content'

SYSTEM AND COMMUNICATIONS PROTECTION

1.3.5 (L1) Ensure 'Control use of the File System API for writing' is set to 'Enabled: Don't allow any site to request write access to files and directories'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.8 (L1) Ensure 'Default automatic downloads setting' is set to 'Enabled: Don't allow any website to perform automatic downloads'

SYSTEM AND INFORMATION INTEGRITY

1.3.9 (L1) Ensure 'Default geolocation setting' is set to 'Enabled: Don't allow any site to track users' physical location'

CONFIGURATION MANAGEMENT

1.5.1 (L1) Ensure 'Configure Edge Website Typo Protection' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.7.1 (L1) Ensure 'Configure users ability to override feature flags' is set to 'Enabled: Prevent users from overriding feature flags'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.8.1 (L1) Ensure 'Blocks external extensions from being installed' is set to 'Enabled'

CONFIGURATION MANAGEMENT

1.9.1 Ensure 'Enable Gamer Mode' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.10.1 (L1) Ensure 'Allow Basic authentication for HTTP' is set to 'Disabled'

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.10.2 (L1) Ensure 'Allow cross-origin HTTP Authentication prompts' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.11.1 (L1) Ensure 'Enable the linked account feature' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.11.2 (L1) Ensure 'Guided Switch Enabled' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.17.1 (L1) Ensure 'Enable saving passwords to the password manager' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.18.1 (L1) Ensure 'Enable startup boost' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.21.1 (L1) Ensure 'Specifies whether to allow websites to make requests to more-private network endpoints' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.25.1 (L1) Ensure 'Configure Microsoft Defender SmartScreen' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.25.2 (L1) Ensure 'Configure Microsoft Defender SmartScreen to block potentially unwanted apps' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.25.3 (L1) Ensure 'Enable Microsoft Defender SmartScreen DNS requests' is set to 'Disabled'

SYSTEM AND INFORMATION INTEGRITY

1.25.4 (L1) Ensure 'Force Microsoft Defender SmartScreen checks on downloads from trusted sources' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.25.5 (L1) Ensure 'Prevent bypassing Microsoft Defender SmartScreen prompts for sites' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.25.6 (L1) Ensure 'Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.26.1 (L1) Ensure 'Disable Bing chat entry-points on Microsoft Edge Enterprise new tab page' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.27 (L1) Ensure 'Ads setting for sites with intrusive ads' is set to 'Enabled: Block ads on sites with intrusive ads.'

SYSTEM AND INFORMATION INTEGRITY

1.28 (L1) Ensure 'Allow download restrictions' is set to 'Enabled: Block malicious downloads'

SYSTEM AND INFORMATION INTEGRITY

1.31 (L1) Ensure 'Allow Google Cast to connect to Cast devices on all IP addresses' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.32 (L1) Ensure 'Allow import of data from other browsers on each Microsoft Edge launch' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.33 (L1) Ensure 'Allow importing of autofill form data' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.34 (L1) Ensure 'Allow importing of browser settings' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.35 (L1) Ensure 'Allow importing of home page settings' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.36 (L1) Ensure 'Allow importing of payment info' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.37 (L1) Ensure 'Allow importing of saved passwords' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.38 (L1) Ensure 'Allow importing of search engine settings' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.39 (L1) Ensure 'Allow managed extensions to use the Enterprise Hardware Platform API' is set to 'Disabled'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.43 (L1) Ensure 'Allow personalization of ads, Microsoft Edge, search, news and other Microsoft services by sending browsing history, favorites and collections, usage and other browsing data to Microsoft' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.44 (L1) Ensure 'Allow queries to a Browser Network Time service' is set to 'Enabled'

AUDIT AND ACCOUNTABILITY

1.45 (L1) Ensure 'Allow remote debugging' is set to 'Disabled'

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.46 (L1) Ensure 'Allow the audio sandbox to run' is set to 'Enabled'

CONFIGURATION MANAGEMENT

1.48 (L1) Ensure 'Allow user feedback' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.52 (L1) Ensure 'Allow websites to query for available payment methods' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.54 (L1) Ensure 'Automatically import another browser's data and settings at first run' is set to 'Enabled: Disables automatic import, and the import section of the first-run experience is skipped'

CONFIGURATION MANAGEMENT

1.55 (L1) Ensure 'Automatically open downloaded MHT or MHTML files from the web in Internet Explorer mode' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.57 (L1) Ensure 'Block tracking of users' web-browsing activity' is set to 'Enabled: Balanced (Blocks harmful trackers and trackers from sites user has not visited; content and ads will be less personalized)' or higher

SYSTEM AND INFORMATION INTEGRITY

1.59 (L1) Ensure 'Clear browsing data when Microsoft Edge closes' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.60 (L1) Ensure 'Clear cached images and files when Microsoft Edge closes' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.61 (L1) Ensure 'Clear history for IE and IE mode every time you exit' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.62 (L1) Ensure 'Compose is enabled for writing on the web' is set to 'Disabled'

CONFIGURATION MANAGEMENT

1.63 (L1) Ensure 'Configure browser process code integrity guard setting' is set to 'Enabled: Enable code integrity guard enforcement in the browser process.'

SYSTEM AND INFORMATION INTEGRITY

1.64 (L1) Ensure 'Configure InPrivate mode availability' is set to 'Enabled: InPrivate mode disabled'

CONFIGURATION MANAGEMENT

1.66 (L1) Ensure 'Configure Related Matches in Find on Page' is set to 'Disabled'

CONFIGURATION MANAGEMENT