DTBC-0055 - Download restrictions must be configured.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Configure the type of downloads that Google Chrome will completely block, without letting users override the security decision. If you set this policy, Google Chrome will prevent certain types of downloads, and will not let user bypass the security warnings. When the 'Block dangerous downloads' option is chosen, all downloads are allowed, except for those that carry SafeBrowsing warnings. When the 'Block potentially dangerous downloads' option is chosen, all downloads allowed, except for those that carry SafeBrowsing warnings of potentially dangerous downloads. When the 'Block all downloads' option is chosen, all downloads are blocked. When this policy is not set, (or the 'No special restrictions' option is chosen), the downloads will go through the usual security restrictions based on SafeBrowsing analysis results.

Note that these restrictions apply to downloads triggered from web page content, as well as the 'download link...' context menu option. These restrictions do not apply to the save / download of the currently displayed page, nor does it apply to saving as PDF from the printing options. See https://developers.google.com/safe-browsing for more info on SafeBrowsing.
0 = No special restrictions
1 = Block dangerous downloads
2 = Block potentially dangerous downloads
3 = Block all downloads

Solution

If the system is on the SIPRNet, this requirement is NA.
Windows group policy:
1. Open the group policy editor tool with gpedit.msc
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\
Policy Name: Allow download restrictions
Policy State: 1 or 2
Policy Value: N/A

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Chrome_V2R8_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000169, Rule-ID|SV-221588r615937_rule, STIG-ID|DTBC-0055, STIG-Legacy|SV-94635, STIG-Legacy|V-79931, Vuln-ID|V-221588

Plugin: Windows

Control ID: 53357d947d71dcbbf0f18d039aa5116f263d7cc684c1b01ef5040663c79abe4f