UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Google Chrome Current Windows Security Technical Implementation Guide


Overview

Date Finding Count (43)
2019-10-04 CAT I (High): 1 CAT II (Med): 39 CAT III (Low): 3
STIG Description
The Google Chrome Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil

Available Profiles



Findings (MAC I - Mission Critical Classified)

Finding ID Severity Title
V-44745 High The running of outdated plugins must be disabled.
V-44777 Medium Incognito mode must be disabled.
V-79929 Medium Prompt for download location must be enabled.
V-44737 Medium Default search provider must be enabled.
V-44757 Medium 3D Graphics APIs must be disabled.
V-44733 Medium The default search providers name must be set.
V-44735 Medium The default search provider URL must be set to perform encrypted searches.
V-44773 Medium Search suggestions must be disabled.
V-44759 Medium Google Data Synchronization must be disabled.
V-44793 Medium Browser history must be saved.
V-44791 Medium Safe Browsing must be enabled,
V-44795 Medium Default behavior must block webpages from automatically running plugins.
V-44711 Medium Firewall traversal from remote host must be disabled.
V-44775 Medium Importing of saved passwords must be disabled.
V-44799 Medium Session only based cookies must be disabled.
V-44771 Medium Metrics reporting to Google must be disabled.
V-44805 Medium The version of Google Chrome running on the system must be a supported version.
V-81589 Medium URLs must be whitelisted for Autoplay use.
V-81581 Medium Autoplay must be disabled.
V-81583 Medium Chrome must be configured to allow only TLS.
V-81585 Medium Safe Browsing Extended Reporting must be disabled.
V-81587 Medium WebUSB must be disabled.
V-52795 Medium URLs must be whitelisted for plugin use
V-44723 Medium Site tracking users location must be disabled.
V-79931 Medium Download restrictions must be configured.
V-44727 Medium Extensions installation must be blacklisted by default.
V-91203 Medium Anonymized data collection must be disabled.
V-44729 Medium Extensions that are approved for use must be whitelisted.
V-44769 Medium Network prediction must be disabled.
V-44741 Medium The Password Manager must be disabled.
V-44765 Medium Cloud print sharing must be disabled.
V-44789 Medium Online revocation checks must be done.
V-44761 Medium The URL protocol schema javascript must be disabled.
V-75165 Medium Deletion of browser history must be disabled.
V-44719 Medium Sites ability to show pop-ups must be disabled.
V-81593 Medium Chrome Cleanup reporting must be disabled.
V-81591 Medium Chrome Cleanup must be disabled.
V-91205 Medium Collection of WebRTC event logs must be disabled.
V-81597 Medium Google Cast must be disabled.
V-44753 Medium Background processing must be disabled.
V-44751 Low Third party cookies must be blocked.
V-44713 Low Sites ability for showing desktop notifications must be disabled.
V-97525 Low Chrome development tools must be disabled.