Skip to content

Google Chrome Current Windows Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Autoplay must be disabled.

    &lt;VulnDiscussion&gt;This allows a user to control if videos can play automatically with audio content (without user consent) in Google Chrome. I...
    Rule Medium Severity
  • SRG-APP-000210

    <GroupDescription></GroupDescription>
    Group
  • URLs must be allowlisted for Autoplay use.

    &lt;VulnDiscussion&gt;Controls the allowlist of URL patterns that autoplay will always be enabled on. If the "AutoplayAllowed" policy is set to "Tr...
    Rule Medium Severity
  • SRG-APP-000206

    <GroupDescription></GroupDescription>
    Group
  • Anonymized data collection must be disabled.

    &lt;VulnDiscussion&gt;Enable URL-keyed anonymized data collection in Google Chrome and prevent users from changing this setting. URL-keyed anonymiz...
    Rule Medium Severity
  • SRG-APP-000206

    <GroupDescription></GroupDescription>
    Group
  • Collection of WebRTC event logs must be disabled.

    &lt;VulnDiscussion&gt;If the policy is set to “true”, Google Chrome is allowed to collect WebRTC event logs from Google services (e.g., Google Meet...
    Rule Medium Severity
  • SRG-APP-000266

    <GroupDescription></GroupDescription>
    Group
  • Chrome development tools must be disabled.

    &lt;VulnDiscussion&gt;While the risk associated with browser development tools is more related to the proper design of a web application, a risk ve...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules