| V-35757 | High | Use of cleartext passwords in the Password Manager must be disabled | Cleartext passwords would allow another individual to see password via shouldersurfing.
"Controls whether the user may show passwords in clear text in the password manager. If you disable this... |
| V-35622 | High | Extensions must be blacklisted by default | Extensions are developed by third party sources. They are designed to extend Google Chrome's functionality. An extension can be made by anyone, to do and access almost anything on a system; this... |
| V-35771 | High | The URL protocol schemas file and javascript must be disabled | "Disables the listed protocol schemes in Google Chrome. URLs using a scheme from this list will not load and can not be navigated to. If this policy is left not set or the list is empty all... |
| V-35761 | High | Plugins requiring authorization must ask for user permission | "Allows Google Chrome to run plugins that require authorization. If you enable this setting, plugins that are not outdated always run. If this setting is disabled or not set, users will be asked... |
| V-35760 | High | The running of outdated plugins must be disabled | Running outdated plugins could lead to system compromise through the use of known exploits.Having plugins that udpated to the most current version ensures the smallest attack surfuce... |
| V-35758 | Medium | The Password Manager must be disabled | "Enables saving passwords and using saved passwords in Google Chrome. If you enable this setting, users can have Google Chrome memorize passwords and provide them automatically the next time they... |
| V-35759 | Medium | The HTTP Authentication must be set to negotiate | "Specifies which HTTP Authentication schemes are supported by Google Chrome. Possible values are 'basic', 'digest', 'ntlm' and 'negotiate'. Separate multiple values with commas. If this policy is... |
| V-35792 | Medium | Safe Browsing must be enabled | "Enables Google Chrome's Safe Browsing feature and prevents users from changing this setting. If you enable this setting, Safe Browsing is always active. If you disable this setting, Safe Browsing... |
| V-35793 | Medium | Browser history must be saved | "Disables saving browser history in Google Chrome and prevents users from changing this setting. If this setting is enabled, browsing history is not saved. If this setting is disabled or not set,... |
| V-35790 | Medium | Automated installation of missing plugins must be disabled | "If you set this setting to enabled the automatic search and installation of missing plugins will be disabled in Google Chrome." - Google Chrome Administrators Policy List |
| V-35791 | Medium | Online revocation checks must be done | "By setting this policy to true, the previous behaviour is restored and online OCSP/CRL checks will be performed. If the policy is not set, or is set to false, then Chrome will not perform online... |
| V-35779 | Medium | Network prediction must be disabled | "Enables network prediction in Google Chrome and prevents users from changing this setting. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If... |
| V-35794 | Medium | Default behavior must block plugin usage | "Allows you to set whether websites are allowed to automatically run plugins. Automatically running plugins can be either allowed for all websites or denied for all websites. If this policy is... |
| V-35626 | Medium | Default search provider must be enabled | "Enables the use of a default search provider. If you enable this setting, a default search is performed when the user types text In the omnibox that is not a URL. You can specify the default... |
| V-35624 | Medium | The default search providers name must be set | "Specifies the name of the default search provider. If left empty or not set, the host name specified by the search URL will be used. This policy is only considered if the... |
| V-35777 | Medium | Google Chrome Instant must be disabled | "Enables Google Chrome's Instant feature and prevents users from changing this setting. If you enable this setting, Google Chrome Instant is enabled. If you disable this setting, Google Chrome... |
| V-35620 | Medium | Sites ability for showing desktop notifications must be disabled | "Allows you to set whether websites are allowed to display desktop notifications. Displaying desktop notifications can be allowed by default, denied by default or the user can be asked every time... |
| V-35621 | Medium | Sites ability to show pop-ups must be disabled | "Allows you to set whether websites are allowed to show pop-ups. Showing popups can be either allowed for all websites or denied for all websites. If this policy is left not set, 'BlockPopups'... |
| V-35625 | Medium | The default search provider URL must be set | "Specifies the URL of the search engine used when doing a default search. The URL should contain the string '{searchTerms}', which will be replaced at query time by the terms the user is searching... |
| V-35623 | Medium | Extensions that are approved for use must be whitelisted | The whitelist should only contain organizationally approved extensions. This is to prevent a user from accidently whitelisitng a malicious extension.
"Allows you to specify which extensions are... |
| V-35773 | Medium | AutoFill must be disabled | "Enables Google Chrome's AutoFill feature and allows users to auto complete web forms using previously stored information such as address or credit card information. If you disable this setting,... |
| V-35464 | Medium | Firewall traversal from remote host must be disabled | Remote connections should never be allowed that bypass the firewall, as there is no way to verify if they can be trusted.
"Enables usage of STUN and relay servers when remote clients are trying... |
| V-35785 | Medium | Incognito mode must be disabled | Incognito mode prevents saving of anything from the current session. This is bad from a foreignics standpoint. This information needs to be retained in case a compromise happens.
"pecifies... |
| V-35784 | Medium | Importing of saved passwords must be disabled | "This policy forces the saved passwords to be imported from the previous default browser if enabled. If enabled, this policy also affects the import dialog. If disabled, the saved passwords are... |
| V-35787 | Medium | The user data location must be set | "Configures the directory that Google Chrome will use for storing user data. If you set this policy, Google Chrome will use the provided directory regardless whether the user has specified the... |
| V-35781 | Medium | Search suggestions must be disabled | "Search suggestion should be disabled as it could lead to searches being conducted that were never intended to be made." - Google Chrome Administrators Policy List |
| V-35780 | Medium | Metrics reporting to Google must be disabled | "Enables anonymous reporting of usage and crash-related data about Google Chrome to Google and prevents users from changing this setting. If you enable this setting, anonymous reporting of usage... |
| V-35769 | Medium | Google Data Synchronization must be disabled | "Disables data synchronization in Google Chrome using Google-hosted synchronization services and prevents users from changing this setting. If you enable this setting, users cannot change or... |
| V-35767 | Medium | 3D Graphics APIs must be disabled | "Disable support for 3D graphics APIs. Enabling this setting prevents web pages from accessing the graphics processing unit (GPU). Specifically, web pages can not access the WebGL API and plugins... |
| V-35765 | Medium | The SPDY protocol must be disabled | "Disables use of the SPDY protocol in Google Chrome. If this policy is enabled the SPDY protocol will not be available in Google Chrome. Setting this policy to disabled will allow the usage of... |
| V-35764 | Medium | Background processing must be disabled | "Determines whether a Google Chrome process is started on OS login and keeps running when the last browser window is closed, allowing background apps to remain active. The background process... |
| V-35763 | Medium | Site data must not be wiped on closing the browser | "This policy is an override for the "Clear cookies and other site data when I close my browser" content settings option. When set to enabled Google Chrome will delete all locally stored data from... |
| V-35788 | Medium | Plugins must be disabled by default | "Specifies a list of plugins that are disabled in Google Chrome and prevents users from changing this setting. The wildcard characters * and ? can be used to match sequences of arbitrary... |
| V-35619 | Medium | Site tracking users location must be disabled | Tracking of user location data over time poses a significant OPSEC issue.
"allows you to set whether websites are allowed to track the users' physical location. Tracking the users' physical... |
| V-35776 | Medium | Cloud print sharing must be disabled | "Enables Google Chrome to act as a proxy between Google Cloud Print and legacy printers connected to the machine. If this setting is enabled or not configured, users can enable the cloud print... |
| V-35762 | Low | Third party cookies must be blocked | "Blocks third party cookies. Enabling this setting prevents cookies from being set by web page elements that are not from the domain that is in the browser's address bar. Disabling this setting... |
