DTBC-0056 - Chrome must be configured to allow only TLS.

Information

If this policy is not configured then Google Chrome uses a default minimum version, which is TLS 1.0. Otherwise, it may be set to one of the following values: 'tls1', 'tls1.1' or 'tls1.2'.
When set, Google Chrome will not use SSL/TLS versions less than the specified version. An unrecognized value will be ignored.
'tls1' = TLS 1.0
'tls1.1' = TLS 1.1
'tls1.2' = TLS 1.2

Solution

Windows group policy:
1. Open the 'group policy editor' tool with gpedit.msc.
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\
Policy Name: Minimum SSL version enabled
Policy State: Enabled
Policy Value: TLS 1.2

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Chrome_V2R6_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13, CAT|I, CCI|CCI-002450, Rule-ID|SV-234701r615937_rule, STIG-ID|DTBC-0056, STIG-Legacy|V-81583, Vuln-ID|V-234701

Plugin: Windows

Control ID: 50ea904b5c346ad7a47fce7da44efdb1eae3ca7c21203e91caec6088e6b6f168