CIS Google Chrome L1 v2.0.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Google Chrome L1 v2.0.0

Updated: 2/8/2022

Authority: CIS

Plugin: Windows

Revision: 1.5

Estimated Item Count: 61

Audit Items

Description	Categories
1.1.1 Ensure 'Enable curtaining of remote access hosts' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.1.2 Ensure 'Allow gnubby authentication for remote access hosts' is set to 'Disabled'.	ACCESS CONTROL
1.1.3 Ensure 'Allow remote users to interact with elevated windows in remote assistance sessions' is set to 'Disabled'.	CONFIGURATION MANAGEMENT
1.2 Ensure 'Continue running background apps when Google Chrome is closed' is set to 'Disabled'	SYSTEM AND COMMUNICATIONS PROTECTION
1.3 Ensure 'Ask where to save each file before downloading' is set to 'Enabled'	SYSTEM AND COMMUNICATIONS PROTECTION
1.4 Ensure 'Disable saving browser history' is set to 'Disabled'	SYSTEM AND COMMUNICATIONS PROTECTION
1.5 Ensure 'Enable HTTP/0.9 support on non-default ports' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.6 Ensure 'Enable component updates in Google Chrome' is set to 'Enabled'	SYSTEM AND INFORMATION INTEGRITY
1.7 Ensure 'Enable deprecated web platform features for a limited time' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.8 Ensure 'Enable third party software injection blocking' is set to 'Enabled'	CONFIGURATION MANAGEMENT
1.9 Ensure 'Extend Flash content setting to all content' is set to 'Disabled'	SYSTEM AND COMMUNICATIONS PROTECTION
1.10 Ensure 'Suppress the unsupported OS warning' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.11 Ensure 'Whether online OCSP/CRL checks are performed' is set to 'Disabled'	IDENTIFICATION AND AUTHENTICATION
1.12 Ensure 'Allow WebDriver to Override Incompatible Policies' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.13 Ensure 'Control SafeSites adult content filtering' is set to 'Enabled' with value 'Do not filter sites for adult content' specified	CONFIGURATION MANAGEMENT
1.14 Ensure 'Origins or hostname patterns for which restrictions on insecure origins should not apply' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.15 Ensure 'Disable Certificate Transparency enforcement for a list of Legacy Certificate Authorities' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.16 Ensure 'Disable Certificate Transparency enforcement for a list of URLs' is set to 'Disabled'	CONFIGURATION MANAGEMENT
1.17 Ensure 'Disable Certificate Transparency enforcement for a list of subjectPublicKeyInfo hashes' is set to 'Disabled'	CONFIGURATION MANAGEMENT
2.1 Ensure 'Default Flash Setting' is set to 'Enabled' (Click to Play)	SYSTEM AND COMMUNICATIONS PROTECTION
2.5 Ensure 'Configure extension installation blacklist' is set to 'Enabled' ('*' for all extensions)	SYSTEM AND COMMUNICATIONS PROTECTION
2.6 Ensure 'Configure allowed app/extension types' is set to 'Enabled' with the values 'extension', 'hosted_app', 'platform_app', 'theme' specified - 'extension'	CONFIGURATION MANAGEMENT
2.6 Ensure 'Configure allowed app/extension types' is set to 'Enabled' with the values 'extension', 'hosted_app', 'platform_app', 'theme' specified - 'hosted_app'	CONFIGURATION MANAGEMENT
2.6 Ensure 'Configure allowed app/extension types' is set to 'Enabled' with the values 'extension', 'hosted_app', 'platform_app', 'theme' specified - 'platform_app'	CONFIGURATION MANAGEMENT
2.6 Ensure 'Configure allowed app/extension types' is set to 'Enabled' with the values 'extension', 'hosted_app', 'platform_app', 'theme' specified - 'theme'	CONFIGURATION MANAGEMENT
2.8 Ensure 'Enable saving passwords to the password manager' is Configured	CONFIGURATION MANAGEMENT
2.9 Ensure 'Supported authentication schemes' is set to 'Enabled' (ntlm, negotiate)	ACCESS CONTROL
2.10 Ensure 'Choose how to specify proxy server settings' is not set to 'Enabled' with 'Auto detect proxy settings'	CONFIGURATION MANAGEMENT
2.11 Ensure 'Allow running plugins that are outdated' is set to 'Disabled'	SYSTEM AND INFORMATION INTEGRITY
2.12 Ensure 'Enable Google Cloud Print Proxy' is set to 'Disabled'	ACCESS CONTROL
2.13 Ensure 'Enable Site Isolation for every site' is set to 'Enabled'	ACCESS CONTROL
2.14 Ensure 'Allow download restrictions' is set to 'Enabled' with 'Block dangerous downloads' specified.	SYSTEM AND COMMUNICATIONS PROTECTION
2.15 Ensure 'Disable proceeding from the Safe Browsing warning page' is set to 'Enabled'	CONFIGURATION MANAGEMENT
2.16 Ensure 'Notify a user that a browser relaunch or device restart is recommended or required' is set to 'Enabled' with 'Show a recurring prompt to the user indication that a relaunch is required' specified	CONFIGURATION MANAGEMENT
2.17 Ensure 'Set the time period for update notifications' is set to 'Enabled' with '86400000' (1 day) specified	CONFIGURATION MANAGEMENT
2.19 Ensure 'Enable Chrome Cleanup on Windows' is Configured	CONFIGURATION MANAGEMENT
2.21 Ensure 'Update policy override' is set to 'Enabled' with 'Always allow updates (recommended)' or 'Automatic silent updates' specified	CONFIGURATION MANAGEMENT
3.2 Ensure 'Default geolocation setting' is set to 'Enabled' with 'Do not allow any site to track the users' physical location'	SYSTEM AND COMMUNICATIONS PROTECTION
3.3 Ensure 'Enable Google Cast' is set to 'Disabled'	CONFIGURATION MANAGEMENT
3.4 Ensure 'Block third party cookies' is set to 'Enabled'	AUDIT AND ACCOUNTABILITY
3.5 Ensure 'Enable reporting of usage and crash-related data' is set to 'Disabled'	CONFIGURATION MANAGEMENT
3.6 Ensure 'Control how Chrome Cleanup reports data to Google' is set to 'Disabled'	AUDIT AND ACCOUNTABILITY
3.7 Ensure 'Browser sign in settings' is set to 'Enabled' with 'Disabled browser sign-in' specified	ACCESS CONTROL
3.8 Ensure 'Enable Translate' is set to 'Disabled'	CONFIGURATION MANAGEMENT
3.9 Ensure 'Enable network prediction' is set to 'Enabled' with 'Do not predict actions on any network connection' selected	CONFIGURATION MANAGEMENT
3.10 Ensure 'Enable search suggestions' is set to 'Disabled'	CONFIGURATION MANAGEMENT
3.11 Ensure 'Enable or disable spell checking web service' is set to 'Disabled'	CONFIGURATION MANAGEMENT
3.12 Ensure 'Enable alternate error pages' is set to 'Disabled'	CONFIGURATION MANAGEMENT
3.13 Ensure 'Disable synchronization of data with Google' is set to 'Enabled'	ACCESS CONTROL
3.14 Ensure 'Enable Safe Browsing for trusted sources' is set to 'Disabled'	CONFIGURATION MANAGEMENT

Detections

Analytics

CIS Google Chrome L1 v2.0.0

Warning! Audit Deprecated

Audit Details

Audit Items