UCF STIG Viewer Logo

Google Chrome Current Windows Security Technical Implementation Guide


Overview

Date Finding Count (44)
2020-06-05 CAT I (High): 1 CAT II (Med): 42 CAT III (Low): 1
STIG Description
The Google Chrome Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-44745 High The running of outdated plugins must be disabled.
V-44777 Medium Incognito mode must be disabled.
V-44789 Medium Online revocation checks must be done.
V-79929 Medium Prompt for download location must be enabled.
V-44733 Medium The default search providers name must be set.
V-44735 Medium The default search provider URL must be set to perform encrypted searches.
V-44737 Medium Default search provider must be enabled.
V-44773 Medium Search suggestions must be disabled.
V-44759 Medium Google Data Synchronization must be disabled.
V-44793 Medium Browser history must be saved.
V-44791 Medium Safe Browsing must be enabled,
V-44795 Medium Default behavior must block webpages from automatically running plugins.
V-102873 Medium Import AutoFill form data must be disabled.
V-44775 Medium Importing of saved passwords must be disabled.
V-102871 Medium AutoFill for addresses must be disabled.
V-44799 Medium Session only based cookies must be disabled.
V-44771 Medium Metrics reporting to Google must be disabled.
V-44805 Medium The version of Google Chrome running on the system must be a supported version.
V-81589 Medium URLs must be whitelisted for Autoplay use.
V-81581 Medium Autoplay must be disabled.
V-81583 Medium Chrome must be configured to allow only TLS.
V-81585 Medium Safe Browsing Extended Reporting must be disabled.
V-81587 Medium WebUSB must be disabled.
V-52795 Medium URLs must be whitelisted for plugin use
V-44723 Medium Site tracking users location must be disabled.
V-81593 Medium Chrome Cleanup reporting must be disabled.
V-79931 Medium Download restrictions must be configured.
V-44727 Medium Extensions installation must be blacklisted by default.
V-91203 Medium Anonymized data collection must be disabled.
V-44729 Medium Extensions that are approved for use must be whitelisted.
V-102869 Medium AutoFill for credit cards must be disabled.
V-44769 Medium Network prediction must be disabled.
V-44741 Medium The Password Manager must be disabled.
V-44765 Medium Cloud print sharing must be disabled.
V-44761 Medium The URL protocol schema javascript must be disabled.
V-102867 Medium Guest Mode must be disabled.
V-75165 Medium Deletion of browser history must be disabled.
V-44719 Medium Sites ability to show pop-ups must be disabled.
V-44711 Medium Firewall traversal from remote host must be disabled.
V-81591 Medium Chrome Cleanup must be disabled.
V-91205 Medium Collection of WebRTC event logs must be disabled.
V-81597 Medium Google Cast must be disabled.
V-44753 Medium Background processing must be disabled.
V-97525 Low Chrome development tools must be disabled.