DISA STIG Google Chrome v2r6

Audit Details

Name: DISA STIG Google Chrome v2r6

Updated: 5/18/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.0

Estimated Item Count: 44

File Details

Filename: DISA_STIG_Google_Chrome_Windows_v2r6.audit

Size: 80.5 kB

MD5: 026513105ab59c57e814dd37ec907fd0
SHA256: 2f39484f6eccfac8bb7730c39257713556c770b1c689a18e8c4bad531e5bc169

Audit Items

DescriptionCategories
DISA_STIG_Google_Chrome_Windows_v2r6.audit from DISA Google Chrome Current Windows v2r6 STIG
DTBC-0001 - Firewall traversal from remote host must be disabled.

ACCESS CONTROL

DTBC-0002 - Site tracking users location must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0004 - Sites ability to show pop-ups must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0005 - Extensions installation must be blocklisted by default.

AUDIT AND ACCOUNTABILITY

DTBC-0006 - Extensions that are approved for use must be allowlisted.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0007 - The default search providers name must be set.

CONFIGURATION MANAGEMENT

DTBC-0008 - The default search provider URL must be set to perform encrypted searches.

CONFIGURATION MANAGEMENT

DTBC-0009 - Default search provider must be enabled.

CONFIGURATION MANAGEMENT

DTBC-0011 - The Password Manager must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0017 - Background processing must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0020 - Google Data Synchronization must be disabled.

ACCESS CONTROL

DTBC-0021 - The URL protocol schema javascript must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0023 - Cloud print sharing must be disabled.

ACCESS CONTROL

DTBC-0025 - Network prediction must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0026 - Metrics reporting to Google must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0027 - Search suggestions must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0029 - Importing of saved passwords must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0030 - Incognito mode must be disabled.

AUDIT AND ACCOUNTABILITY

DTBC-0037 - Online revocation checks must be performed.

IDENTIFICATION AND AUTHENTICATION

DTBC-0038 - Safe Browsing must be enabled,

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0039 - Browser history must be saved.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0045 - Session only based cookies must be disabled.

AUDIT AND ACCOUNTABILITY

DTBC-0050 - The version of Google Chrome running on the system must be a supported version.

SYSTEM AND INFORMATION INTEGRITY

DTBC-0052 - Deletion of browser history must be disabled.

AUDIT AND ACCOUNTABILITY

DTBC-0053 - Prompt for download location must be enabled.

AUDIT AND ACCOUNTABILITY

DTBC-0055 - Download restrictions must be configured.

AUDIT AND ACCOUNTABILITY

DTBC-0056 - Chrome must be configured to allow only TLS.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0057 - Safe Browsing Extended Reporting must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0058 - WebUSB must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0060 - Chrome Cleanup must be disabled.

AUDIT AND ACCOUNTABILITY

DTBC-0061 - Chrome Cleanup reporting must be disabled.

AUDIT AND ACCOUNTABILITY

DTBC-0063 - Google Cast must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0064 - Autoplay must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0065 - URLs must be allowlisted for Autoplay use.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0066 - Anonymized data collection must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0067 - Collection of WebRTC event logs must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0068 - Chrome development tools must be disabled.

SYSTEM AND INFORMATION INTEGRITY

DTBC-0069 - Guest Mode must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0070 - AutoFill for credit cards must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0071 - AutoFill for addresses must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0072 - Import AutoFill form data must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0073 - Web Bluetooth API must be disabled.

CONFIGURATION MANAGEMENT

DTBC-0074 - Use of the QUIC protocol must be disabled.

CONFIGURATION MANAGEMENT