STIGQter: STIG Summary: Google Chrome Current Windows Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

Chrome must be configured to allow only TLS.

DISA Rule

SV-234701r615937_rule

Vulnerability Number

V-234701

Group Title

SRG-APP-000416

Rule Version

DTBC-0056

Severity

CAT I

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Windows group policy:
1. Open the “group policy editor” tool with gpedit.msc.
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\
Policy Name: Minimum SSL version enabled
Policy State: Enabled
Policy Value: TLS 1.2

Check Contents

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If "SSLVersionMin" is not displayed under the "Policy Name" column or it is not set to "tls1.2", this is a finding.
Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the "SSLVersionMin" value name does not exist or its value data is not set to "tls1.2", this is a finding.

Vulnerability Number

V-234701

Documentable

False

Rule Version

DTBC-0056

Severity Override Guidance

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If "SSLVersionMin" is not displayed under the "Policy Name" column or it is not set to "tls1.2", this is a finding.
Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the "SSLVersionMin" value name does not exist or its value data is not set to "tls1.2", this is a finding.

Check Content Reference

M

Target Key

4081

Comments