UCF STIG Viewer Logo

Google Chrome STIG Draft



Findings (MAC I - Mission Critical Public)

Finding ID Severity Title
V-0034 Medium Plugins must be disabled by default
V-0035 Medium Plugins approved for use must be enabled
V-0036 Medium Automated installation of missing plugins must be disabled
V-0037 Medium Online revocation checks must be done
V-0030 Medium Incognito mode must be disabled
V-0031 Medium Web store ads must be disabled
V-0032 Medium the Chrome cache location must be set
V-0033 Medium The user data location must be set
V-0038 Medium Safe Browsing must be enabled
V-0039 Medium Browser history must be saved
V-0018 Medium The SPDY protocol must be disabled
V-0019 Medium 3D Graphics APIs must be disabled
V-0012 Medium The HTTP Authentication must be set to negotiate
V-0013 Medium The running of outdated plugins must be disabled
V-0010 Medium Use of cleartext passwords in the Password Manager must be disabled
V-0011 Medium The Password Manager must be disabled
V-0016 Medium Site data must not be wiped on closing the browser
V-0017 Medium Background processing must be disabled
V-0014 Medium Plugins requiring authorization must ask for user permission
V-0015 Medium Third party cookies must be blocked
V-0004 Medium Sites' ability to show pop-ups must be disabled
V-0023 Medium Cloud print sharing must be disabled
V-0022 Medium AutoFill must be disabled
V-0021 Medium The URL protocol schemas "file" and "javascript" must be disabled
V-0020 Medium Google Data Synchronization must be disabled
V-0027 Medium Search suggestions must be enabled
V-0026 Medium Mestrics reporting to Google must be disabled
V-0025 Medium Network prediction must be disabled
V-0024 Medium Google Chrome Instant must be disabled
V-0029 Medium Importing of saved passwords must be disabled
V-0028 Medium Submitting documents to Google Print Cloud must be disabled
V-0009 Medium Default search provider must be enabled
V-0008 Medium The default search provider URL must be set
V-0041 Medium JavaScript must be disabled by default
V-0040 Medium Default behavior must block plugin usage
V-0043 Medium Plugin usage must be disabled by default
V-0042 Medium JavaScript must be enabled for approved domains
V-0001 Medium Firewall traversal from remote host must be disabled
V-0003 Medium sites' ability for showing desktop notifications must be disabled
V-0002 Medium Site tracking user's location must be disabled
V-0005 Medium Extensions must be blacklisted by default
V-0007 Medium The default search provider's name must be set
V-0006 Medium Extensions that are approved for use must be whitelisted
V-0045 Medium Session only based cookies must be disabled
V-0044 Medium Site that are approved to use approved plugins must be whitelisted