CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0

Audit Details

Name: CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Windows

Revision: 1.2

Estimated Item Count: 55

File Details

Filename: CIS_Mozilla_Firefox_102_ESR_v1.0.0_Windows_Level1.audit

Size: 98.3 kB

MD5: dcd1a3675d0f3cd69dfbbe5ffca9b6c9
SHA256: b5ff6bab09aca592a75a09122ecf5696a3b6d8fe3cc064dad169086e53ff35fd

Audit Items

DescriptionCategories
1.1 Create local-settings.js file - general.config.filename

CONFIGURATION MANAGEMENT

1.1 Create local-settings.js file - general.config.obscure

CONFIGURATION MANAGEMENT

1.2 Create mozilla.cfg file

CONFIGURATION MANAGEMENT

1.3 Protect Firefox Binaries

CONFIGURATION MANAGEMENT

1.4 Set permissions on local-settings.js - Administrators

CONFIGURATION MANAGEMENT

1.4 Set permissions on local-settings.js - Users

CONFIGURATION MANAGEMENT

1.5 Set permissions on mozilla.cfg - Administrators

CONFIGURATION MANAGEMENT

1.5 Set permissions on mozilla.cfg - Users

CONFIGURATION MANAGEMENT

2.1 Enable Automatic Updates - app.update.auto

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1 Enable Automatic Updates - app.update.enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1 Enable Automatic Updates - app.update.staging.enabled

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.2 Set Search Provider Update Behavior

CONFIGURATION MANAGEMENT

2.3 Set Update Interval Time Checks

RISK ASSESSMENT

2.4 Set Update Wait Time Prompt

RISK ASSESSMENT

3.1 Disable Network Prefetch

SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Disable NTLM v1

IDENTIFICATION AND AUTHENTICATION

3.3 Disable WebRTC - media.peerconnection.enabled

CONFIGURATION MANAGEMENT

3.3 Disable WebRTC - media.peerconnection.use_document_iceservers

CONFIGURATION MANAGEMENT

3.5 Set File URI Origin Policy

CONFIGURATION MANAGEMENT

3.6 Validate Proxy Settings

CONFIGURATION MANAGEMENT

4.1 Block Mixed Active Content

SYSTEM AND INFORMATION INTEGRITY

4.4 Set Security TLS Version Maximum

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5 Set Security TLS Version Minimum

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Block Pop-up Windows

CONFIGURATION MANAGEMENT

5.2 Disable Closing of Windows via Scripts

CONFIGURATION MANAGEMENT

5.3 Disable Displaying JavaScript in History URLs

CONFIGURATION MANAGEMENT

5.4 Disable Moving or Resizing of Windows via Scripts

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

5.5 Disable Raising or Lowering of Windows via Scripts

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

6.2 Disabled Browser Sign-ins

CONFIGURATION MANAGEMENT

6.3 Disable Firefox Shield Studies

CONFIGURATION MANAGEMENT

6.5 Disable Geolocation Serivces

CONFIGURATION MANAGEMENT

6.6 Disable Pocket

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Disable Sending Data

CONFIGURATION MANAGEMENT

6.8 Disallow Credential Storage

CONFIGURATION MANAGEMENT

6.9 Do Not Accept Third Party Cookies

CONFIGURATION MANAGEMENT

6.10 Enable Enhanced Tracking Protection

CONFIGURATION MANAGEMENT

6.11 Enable Tracking Protection - privacy.donottrackheader.enabled

CONFIGURATION MANAGEMENT

6.11 Enable Tracking Protection - privacy.trackingprotection.enabled

CONFIGURATION MANAGEMENT

6.11 Enable Tracking Protection - privacy.trackingprotection.pbmode

CONFIGURATION MANAGEMENT

6.12 Set Delay for Enabling Security Sensitive Dialog Boxes

SYSTEM AND INFORMATION INTEGRITY

6.13 Disabled Delete Data Upon Shutdown

CONFIGURATION MANAGEMENT

7.1 Disable Auto-Install of Add-ons

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Disable Development Tools

CONFIGURATION MANAGEMENT

7.3 Disable Encrypted Media Extensions

CONFIGURATION MANAGEMENT

7.4 Disable Popups Initiated by Plugins

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Disabled Recommended Extensions

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.6 Enable Extension Auto Update

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

7.7 Enable Extension Block List

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.8 Enable Extension Update

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

7.9 Enable Warning for External Protocol Handler

CONFIGURATION MANAGEMENT