Skip to content
Log In

Google Chrome Current Windows Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000206

    Group
    Show

  • SRG-APP-000206

    Group
    Show

  • Import AutoFill form data must be disabled.

    This policy forces the autofill form data to be imported from the previous default browser if enabled. If enabled, this policy also affects the import dialog. If disabled, the autofill form data is...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • SRG-APP-000039

    Group
    Show

  • Firewall traversal from remote host must be disabled.

    Remote connections should never be allowed that bypass the firewall, as there is no way to verify if they can be trusted. Enables usage of STUN and relay servers when remote clients are trying to e...
    Rule Medium Severity
    Show

  • SRG-APP-000206

    Group
    Show

  • Site tracking users location must be disabled.

    Website tracking is the practice of gathering information as to which websites were accesses by a browser. The common method of doing this is to have a website create a tracking cookie on the brows...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • SRG-APP-000089

    Group
    Show

  • Extensions installation must be blocklisted by default.

    Extensions are developed by third party sources and are designed to extend Google Chrome's functionality. An extension can be made by anyone, to do and access almost anything on a system; this mean...
    Rule Medium Severity
    Show

  • SRG-APP-000210

    Group
    Show

  • Extensions that are approved for use must be allowlisted.

    The allowlist should only contain organizationally approved extensions. This is to prevent a user from accidently allowlisitng a malicious extension. This policy allows you to specify which extensi...
    Rule Low Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • The default search providers name must be set.

    Specifies the name of the default search provider that is to be used, if left empty or not set, the host name specified by the search URL will be used. This policy is only considered if the 'Defaul...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • The default search provider URL must be set to perform encrypted searches.

    Specifies the URL of the search engine used when doing a default search. The URL should contain the string '{searchTerms}', which will be replaced at query time by the terms the user is searching f...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • SRG-APP-000141

    Group
    Show

  • The Password Manager must be disabled.

    Enables saving passwords and using saved passwords in Google Chrome. Malicious sites may take advantage of this feature by using hidden fields gain access to the stored information. If you enable t...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules