CUSP - Common User Security Profile for Mozilla Firefox
Rules and Groups employed by this XCCDF Profile
-
Firefox
Firefox is an open-source web browser and developed by Mozilla. Web browsers such as Firefox are used for a number of reasons. This section provide...Group -
Firefox autoplay must be disabled.
Audio/Video autoplay may be disabled in an administrative policy by setting the <code>Default</code> key under <code>Permissions</code>, <code>Auto...Rule Medium Severity -
Ensure the Content Blocker uBlock Origin is Installed
The uBlock Origin will be installed automatically by configuring Firefox policy, and updates will be enabled. It can also be installed through the ...Rule Medium Severity -
Enabled Firefox Cryptomining protection
Cryptomining protection may be enabled by settingprivacy.trackingprotection.cryptomining.enabledtotrue.Rule Medium Severity -
Enabled Firefox Enhanced Tracking Protection
Enhanced Tracking Protection may be enabled by settingbrowser.contentblocking.categorytostrict.Rule Medium Severity -
Enabled Firefox Fingerprinting Protection
Fingerprinting protection may be enabled by setting <code>Fingerprinting</code> to <code>true</code> under <code>EnableTrackingProtection</code> in...Rule Medium Severity -
Disable JavaScript's Raise Or Lower Windows Capability
JavaScript can configure and make changes to the web browser's appearance by specifically raising and lowering windows. This can be disabled by set...Rule Medium Severity -
Disable JavaScript's Moving Or Resizing Windows Capability
JavaScript can configure and make changes to the web browser's appearance by specifically moving and resizing browser windows. This can be disabled...Rule Medium Severity -
Enable Firefox Pop-up Blocker
The pop-up blocker can be enabled by setting <code>Default</code> key under <code>PopupBlocking</code> to <code>true</code> in <code>policies.json<...Rule Medium Severity -
Firefox must be configured to allow only TLS 1.2 or above.
Firefox may be configured via administrative policy to allow TLS 1.2 at minimum by settingSSLVersionMintotls1.2.Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules