Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000231

    <GroupDescription></GroupDescription>
    Group
  • Browser history must be saved.

    &lt;VulnDiscussion&gt;This policy disables saving browser history in Google Chrome and prevents users from changing this setting. If this setting i...
    Rule Medium Severity
  • SRG-APP-000456

    <GroupDescription></GroupDescription>
    Group
  • The version of Google Chrome running on the system must be a supported version.

    &lt;VulnDiscussion&gt;Google Chrome is being continually updated by the vendor in order to address identified security vulnerabilities. Running an ...
    Rule Medium Severity
  • SRG-APP-000089

    <GroupDescription></GroupDescription>
    Group
  • Deletion of browser history must be disabled.

    &lt;VulnDiscussion&gt;Disabling this function will prevent users from deleting their browsing history, which could be used to identify malicious we...
    Rule Medium Severity
  • SRG-APP-000089

    <GroupDescription></GroupDescription>
    Group
  • Prompt for download location must be enabled.

    &lt;VulnDiscussion&gt;If the policy is enabled, the user will be asked where to save each file before downloading. If the policy is disabled, downl...
    Rule Medium Severity
  • SRG-APP-000089

    <GroupDescription></GroupDescription>
    Group
  • Download restrictions must be configured.

    &lt;VulnDiscussion&gt;Configure the type of downloads that Google Chrome will completely block, without letting users override the security decisio...
    Rule Medium Severity
  • SRG-APP-000206

    <GroupDescription></GroupDescription>
    Group
  • Safe Browsing Extended Reporting must be disabled.

    &lt;VulnDiscussion&gt;Enables Google Chrome's Safe Browsing Extended Reporting and prevents users from changing this setting. Extended Reporting se...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • WebUSB must be disabled.

    &lt;VulnDiscussion&gt;Allows you to set whether websites are allowed to get access to connected USB devices. Access can be completely blocked, or t...
    Rule Medium Severity
  • SRG-APP-000089

    <GroupDescription></GroupDescription>
    Group
  • Chrome Cleanup must be disabled.

    &lt;VulnDiscussion&gt;If set to "False", prevents Chrome Cleanup from scanning the system for unwanted software and performing cleanups. Manually t...
    Rule Medium Severity
  • SRG-APP-000089

    <GroupDescription></GroupDescription>
    Group
  • Chrome Cleanup reporting must be disabled.

    &lt;VulnDiscussion&gt;If unset, should Chrome Cleanup detect unwanted software, it may report metadata about the scan to Google in accordance with ...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Google Cast must be disabled.

    &lt;VulnDiscussion&gt;If this policy is set to ”True” or is not set, Google Cast will be enabled, and users will be able to launch it from the app ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules