UCF STIG Viewer Logo

Google Chrome Browser STIG


Date Finding Count (33)
2017-06-20 CAT I (High): 2 CAT II (Med): 29 CAT III (Low): 2
STIG Description
The Google Chrome Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil

Available Profiles

Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-44745 High The running of outdated plugins must be disabled.
V-44749 High Plugins requiring authorization must ask for user permission.
V-44777 Medium Incognito mode must be disabled.
V-44737 Medium Default search provider must be enabled.
V-44757 Medium 3D Graphics APIs must be disabled.
V-44733 Medium The default search providers name must be set.
V-44735 Medium The default search provider URL must be set to perform encrypted searches.
V-44773 Medium Search suggestions must be disabled.
V-44759 Medium Google Data Synchronization must be disabled.
V-44793 Medium Browser history must be saved.
V-44791 Medium Safe Browsing must be enabled,
V-44795 Medium Default behavior must block webpages from automatically running plugins.
V-44711 Medium Firewall traversal from remote host must be disabled.
V-44775 Medium Importing of saved passwords must be disabled.
V-44799 Medium Session only based cookies must be disabled.
V-44771 Medium Metrics reporting to Google must be disabled.
V-44805 Medium Browser must support auto-updates.
V-52795 Medium URLs must be whitelisted for plugin use
V-44763 Medium AutoFill must be disabled.
V-44723 Medium Site tracking users location must be disabled.
V-44727 Medium Extensions installation must be blacklisted by default.
V-44729 Medium Extensions that are approved for use must be whitelisted.
V-44787 Medium Automated installation of missing plugins must be disabled.
V-44769 Medium Network prediction must be disabled.
V-44741 Medium The Password Manager must be disabled.
V-44765 Medium Cloud print sharing must be disabled.
V-44789 Medium Online revocation checks must be done.
V-44761 Medium The URL protocol schema javascript must be disabled.
V-75165 Medium Access to history URL must be disabled.
V-44719 Medium Sites ability to show pop-ups must be disabled.
V-44753 Medium Background processing must be disabled.
V-44751 Low Third party cookies must be blocked.
V-44713 Low Sites ability for showing desktop notifications must be disabled.