STIGQter STIGQter: STIG Summary:

Mozilla Firefox Security Technical Implementation Guide

Version: 5

Release: 1 Benchmark Date: 22 Jan 2021

SV-223151r612236_ruleInstalled version of Firefox unsupported.
SV-223152r612236_ruleFirefox must be configured to allow only TLS.
SV-223153r612236_ruleFireFox is configured to ask which certificate to present to a web site when a certificate is required.
SV-223154r612236_ruleFirefox automatically checks for updated version of installed Search plugins.
SV-223155r612236_ruleFirefox automatically updates installed add-ons and plugins.
SV-223156r612236_ruleFirefox automatically executes or downloads MIME types which are not authorized for auto-download.
SV-223157r612236_ruleNetwork shell protocol is enabled in FireFox.
SV-223158r612236_ruleFirefox is not configured to prompt a user before downloading and opening required file types.
SV-223159r612236_ruleFireFox plug-in for ActiveX controls is installed.
SV-223160r612236_ruleFirefox formfill assistance option is disabled.
SV-223161r612236_ruleFirefox is configured to autofill passwords.
SV-223162r612236_ruleFireFox is configured to use a password store with or without a master password.
SV-223163r612236_ruleFireFox is not configured to block pop-up windows.
SV-223164r612236_ruleFireFox is configured to allow JavaScript to move or resize windows.
SV-223165r612236_ruleFirefox is configured to allow JavaScript to raise or lower windows.
SV-223166r612236_ruleFirefox is configured to allow JavaScript to disable or replace context menus.
SV-223167r612236_ruleExtensions install must be disabled.
SV-223168r612236_ruleBackground submission of information to Mozilla must be disabled.
SV-223169r612236_ruleFirefox Development Tools Must Be Disabled.
SV-223170r612236_ruleTelemetry must be disabled.
SV-223171r612236_ruleTelemetry archive must be disabled.
SV-223172r612236_ruleFingerprinting protection must be enabled.
SV-223173r612236_ruleCryptomining protection must be enabled.
SV-223174r612236_ruleEnhanced Tracking Protection must be enabled.
SV-223175r612236_ruleExtension recommendations must be disabled.
SV-223177r612236_ruleDeprecated ciphers must be disabled.
SV-223179r612236_ruleThe DOD Root Certificate is not installed.