STIGQter STIGQter: STIG Summary: Google Chrome Current Windows Security Technical Implementation Guide Version: 1 Release: 18 Benchmark Date: 24 Jan 2020: The default search providers name must be set.

DISA Rule

SV-57567r2_rule

Vulnerability Number

V-44733

Group Title

DTBC0007 - Default search provider name

Rule Version

DTBC-0007

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Windows group policy:
1. Open the group policy editor tool with gpedit.msc
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Default search provider\
Policy Name: Default search provider name
Policy State: Enabled
Policy Value: set to an organization approved encrypted search provider that corresponds to the encrypted search provider set in DTBC-0008(ex. Google Encrypted, Bing Encrypted)

Check Contents

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If DefaultSearchProviderName is displayed under the Policy Name column or it is not set to an organization approved encrypted search provider that corresponds to the encrypted search provider set in DTBC-0008(ex. Google Encrypted, Bing Encrypted) under the Policy Value column, then this is a finding.

Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the DefaultSearchProviderName value name does not exist or it is not set to an organization approved encrypted search provider that corresponds to the encrypted search provider set in DTBC-0008(ex. Google Encrypted, Bing Encrypted), then this is a finding.

Vulnerability Number

V-44733

Documentable

False

Rule Version

DTBC-0007

Severity Override Guidance

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If DefaultSearchProviderName is displayed under the Policy Name column or it is not set to an organization approved encrypted search provider that corresponds to the encrypted search provider set in DTBC-0008(ex. Google Encrypted, Bing Encrypted) under the Policy Value column, then this is a finding.

Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the DefaultSearchProviderName value name does not exist or it is not set to an organization approved encrypted search provider that corresponds to the encrypted search provider set in DTBC-0008(ex. Google Encrypted, Bing Encrypted), then this is a finding.

Check Content Reference

M

Target Key

2591

Comments