CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0

Audit Details

Name: CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.2

Estimated Item Count: 53

File Details

Filename: CIS_Mozilla_Firefox_102_ESR_v1.0.0_Linux_Level1.audit

Size: 92.7 kB

MD5: e11464f07bc1b2c9b0b30b2f5e25520a
SHA256: 1f5fea1e369c510180da3090e1e4afaf7a17a52b0be7f1d6952bf46360b3bf54

Audit Items

DescriptionCategories
1.1 Create local-settings.js file - general.config.filename

ACCESS CONTROL

1.1 Create local-settings.js file - general.config.obscure_value

CONFIGURATION MANAGEMENT

1.2 Create mozilla.cfg file

CONFIGURATION MANAGEMENT

1.3 Protect Firefox Binaries

CONFIGURATION MANAGEMENT

1.4 Set permissions on local-settings.js

CONFIGURATION MANAGEMENT

1.5 Set permissions on mozilla.cfg

CONFIGURATION MANAGEMENT

2.1 Enable Automatic Updates - app.update.auto

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1 Enable Automatic Updates - app.update.enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1 Enable Automatic Updates - app.update.staging.enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.2 Set Search Provider Update Behavior

CONFIGURATION MANAGEMENT

2.3 Set Update Interval Time Checks

RISK ASSESSMENT

2.4 Set Update Wait Time Prompt

RISK ASSESSMENT

3.1 Disable Network Prefetch

SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Disable NTLM v1

IDENTIFICATION AND AUTHENTICATION

3.3 Disable WebRTC - media.peerconnection.enabled

CONFIGURATION MANAGEMENT

3.3 Disable WebRTC - media.peerconnection.use_document_iceservers

CONFIGURATION MANAGEMENT

3.5 Set File URI Origin Policy

CONFIGURATION MANAGEMENT

3.6 Validate Proxy Settings

CONFIGURATION MANAGEMENT

4.1 Block Mixed Active Content

SYSTEM AND INFORMATION INTEGRITY

4.4 Set Security TLS Version Maximum

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5 Set Security TLS Version Minimum

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Block Pop-up Windows

CONFIGURATION MANAGEMENT

5.2 Disable Closing of Windows via Scripts

CONFIGURATION MANAGEMENT

5.3 Disable Displaying JavaScript in History URLs

CONFIGURATION MANAGEMENT

5.4 Disable Moving or Resizing of Windows via Scripts

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

5.5 Disable Raising or Lowering of Windows via Scripts

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

6.2 Disabled Browser Sign-ins

CONFIGURATION MANAGEMENT

6.3 Disable Firefox Shield Studies

CONFIGURATION MANAGEMENT

6.5 Disable Geolocation Serivces

CONFIGURATION MANAGEMENT

6.6 Disable Pocket

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Disable Sending Data

CONFIGURATION MANAGEMENT

6.8 Disallow Credential Storage

CONFIGURATION MANAGEMENT

6.9 Do Not Accept Third Party Cookies

CONFIGURATION MANAGEMENT

6.10 Enable Enhanced Tracking Protection

CONFIGURATION MANAGEMENT

6.11 Enable Tracking Protection - privacy.donottrackheader.enabled

CONFIGURATION MANAGEMENT

6.11 Enable Tracking Protection - privacy.trackingprotection.enabled

CONFIGURATION MANAGEMENT

6.11 Enable Tracking Protection - privacy.trackingprotection.pbmode

CONFIGURATION MANAGEMENT

6.12 Set Delay for Enabling Security Sensitive Dialog Boxes

SYSTEM AND INFORMATION INTEGRITY

6.13 Disabled Delete Data Upon Shutdown

CONFIGURATION MANAGEMENT

7.1 Disable Auto-Install of Add-ons

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Disable Development Tools

CONFIGURATION MANAGEMENT

7.3 Disable Encrypted Media Extensions

CONFIGURATION MANAGEMENT

7.4 Disable Popups Initiated by Plugins

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Disabled Recommended Extensions

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.6 Enable Extension Auto Update

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

7.7 Enable Extension Block List

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.8 Enable Extension Update

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

7.9 Enable Warning for External Protocol Handler

CONFIGURATION MANAGEMENT

7.10 Set Extension Update Interval Time Checks

SYSTEM AND INFORMATION INTEGRITY

8.1 Block Reported Attack Sites

SYSTEM AND INFORMATION INTEGRITY