Google Chrome Current Windows Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000231
<GroupDescription></GroupDescription>Group -
Browser history must be saved.
<VulnDiscussion>This policy disables saving browser history in Google Chrome and prevents users from changing this setting. If this setting i...Rule Medium Severity -
SRG-APP-000456
<GroupDescription></GroupDescription>Group -
The version of Google Chrome running on the system must be a supported version.
<VulnDiscussion>Google Chrome is being continually updated by the vendor in order to address identified security vulnerabilities. Running an ...Rule Medium Severity -
SRG-APP-000089
<GroupDescription></GroupDescription>Group -
Deletion of browser history must be disabled.
<VulnDiscussion>Disabling this function will prevent users from deleting their browsing history, which could be used to identify malicious we...Rule Medium Severity -
SRG-APP-000089
<GroupDescription></GroupDescription>Group -
Prompt for download location must be enabled.
<VulnDiscussion>If the policy is enabled, the user will be asked where to save each file before downloading. If the policy is disabled, downl...Rule Medium Severity -
SRG-APP-000089
<GroupDescription></GroupDescription>Group -
Download restrictions must be configured.
<VulnDiscussion>Configure the type of downloads that Google Chrome will completely block, without letting users override the security decisio...Rule Medium Severity -
SRG-APP-000206
<GroupDescription></GroupDescription>Group -
Safe Browsing Extended Reporting must be disabled.
<VulnDiscussion>Enables Google Chrome's Safe Browsing Extended Reporting and prevents users from changing this setting. Extended Reporting se...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
WebUSB must be disabled.
<VulnDiscussion>Allows you to set whether websites are allowed to get access to connected USB devices. Access can be completely blocked, or t...Rule Medium Severity -
SRG-APP-000089
<GroupDescription></GroupDescription>Group -
Chrome Cleanup must be disabled.
<VulnDiscussion>If set to "False", prevents Chrome Cleanup from scanning the system for unwanted software and performing cleanups. Manually t...Rule Medium Severity -
SRG-APP-000089
<GroupDescription></GroupDescription>Group -
Chrome Cleanup reporting must be disabled.
<VulnDiscussion>If unset, should Chrome Cleanup detect unwanted software, it may report metadata about the scan to Google in accordance with ...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Google Cast must be disabled.
<VulnDiscussion>If this policy is set to ”True” or is not set, Google Cast will be enabled, and users will be able to launch it from the app ...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Autoplay must be disabled.
<VulnDiscussion>This allows a user to control if videos can play automatically with audio content (without user consent) in Google Chrome. I...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
Anonymized data collection must be disabled.
<VulnDiscussion>Enable URL-keyed anonymized data collection in Google Chrome and prevent users from changing this setting. URL-keyed anonymiz...Rule Medium Severity -
SRG-APP-000206
<GroupDescription></GroupDescription>Group -
Collection of WebRTC event logs must be disabled.
<VulnDiscussion>If the policy is set to “true”, Google Chrome is allowed to collect WebRTC event logs from Google services (e.g., Google Meet...Rule Medium Severity -
SRG-APP-000266
<GroupDescription></GroupDescription>Group -
Chrome development tools must be disabled.
<VulnDiscussion>While the risk associated with browser development tools is more related to the proper design of a web application, a risk ve...Rule Low Severity -
SRG-APP-000206
<GroupDescription></GroupDescription>Group -
Guest Mode must be disabled.
<VulnDiscussion>If this policy is set to true or not configured, Google Chrome will enable guest logins. Guest logins are Google Chrome profi...Rule Medium Severity -
SRG-APP-000206
<GroupDescription></GroupDescription>Group -
AutoFill for credit cards must be disabled.
<VulnDiscussion>Enabling Google Chrome's AutoFill feature allows users to auto complete credit card information in web forms using previously...Rule Medium Severity -
SRG-APP-000206
<GroupDescription></GroupDescription>Group -
AutoFill for addresses must be disabled.
<VulnDiscussion>Enabling Google Chrome's AutoFill feature allows users to auto complete address information in web forms using previously sto...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.