STIGQter: STIG Summary: Google Chrome Current Windows Security Technical Implementation Guide Version: 1 Release: 18 Benchmark Date: 24 Jan 2020: Chrome must be configured to allow only TLS.

DISA Rule

SV-96297r3_rule

Vulnerability Number

V-81583

Group Title

DTBC-0056 - TLS

Rule Version

DTBC-0056

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Windows group policy:
1. Open the “group policy editor” tool with gpedit.msc.
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\
Policy Name: Minimum SSL version enabled
Policy State: Enabled
Policy Value: TLS 1.1

Check Contents

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If "SSLVersionMin" is not displayed under the "Policy Name" column or it is not set to "tls1.1", this is a finding.
Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the "SSLVersionMin" value name does not exist or its value data is not set to "tls1.1", this is a finding.

Vulnerability Number

V-81583

Documentable

False

Rule Version

DTBC-0056

Severity Override Guidance

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If "SSLVersionMin" is not displayed under the "Policy Name" column or it is not set to "tls1.1", this is a finding.
Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the "SSLVersionMin" value name does not exist or its value data is not set to "tls1.1", this is a finding.

Check Content Reference

M

Target Key

2591

Comments