Free DISA STIG and SRG Library | Vaulted


Safe Browsing must be enabled,

Finding ID
Rule ID
Cat II
Group Title
DTBC0038 - Safe browsing
Target Key

Enables Google Chrome's Safe Browsing feature and prevents users from changing this setting. If you enable this setting, Safe Browsing is always active. If you disable this setting, Safe Browsing is never active. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set, this will be enabled but the user will be able to change it. Safe browsing uses a signature database to test sites when they are be loaded to ensure they don't contain any known malware.

Fix Text

Windows group policy: 1. Open the group policy editor tool with gpedit.msc 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Safe Browsing Settings Policy Name: Enable Safe Browsing Policy State: Enabled Policy Value: N/A

Check Content

Universal method: 1. In the omnibox (address bar) type chrome://policy 2. If SafeBrowsingEnabled is not displayed under the Policy Name column or it is not set to true under the Policy Value column, then this is a finding. Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Chrome\ 3. If the SafeBrowsingEnabled value name does not exist or its value data is not set to 1, then this is a finding.