Guest Mode must be disabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-226401	DTBC-0069	SV-226401r615937_rule		Medium

Description
If this policy is set to true or not configured, Google Chrome will enable guest logins. Guest logins are Google Chrome profiles where all windows are in incognito mode. If this policy is set to false, Google Chrome will not allow guest profiles to be started.

STIG	Date
Google Chrome Current Windows Security Technical Implementation Guide	2022-09-09

Details

Check Text ( C-28109r478217_chk )
Universal method: 1. In the omnibox (address bar) type chrome://policy 2. If BrowserGuestModeEnabled is not displayed under the Policy Name column or it is not set to 0 under the Policy Value column, this is a finding. Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Chrome\ 3. If the BrowserGuestModeEnabled value name does not exist or its value data is not set to 0, this is a finding.

Check Text ( C-28109r478217_chk )

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If BrowserGuestModeEnabled is not displayed under the Policy Name column or it is not set to 0 under the Policy Value column, this is a finding.

Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the BrowserGuestModeEnabled value name does not exist or its value data is not set to 0, this is a finding.

Fix Text (F-28097r478218_fix)
Windows group policy: 1. Open the "group policy editor" tool with gpedit.msc 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\ Policy Name: Enable guest mode in browser Policy State: Disabled