[AuditTest] @{ Id = "DTBC-0001" Task = "Firewall traversal from remote host must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "RemoteAccessHostFirewallTraversal" ` | Select-Object -ExpandProperty "RemoteAccessHostFirewallTraversal" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0003" Task = "Sites ability for showing desktop notifications must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "DefaultNotificationsSetting" ` | Select-Object -ExpandProperty "DefaultNotificationsSetting" if ($regValue -ne 2) { return @{ Message = "Registry value is '$regValue'. Expected: 2" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0004" Task = "Sites ability to show pop-ups must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "DefaultPopupsSetting" ` | Select-Object -ExpandProperty "DefaultPopupsSetting" if ($regValue -ne 2) { return @{ Message = "Registry value is '$regValue'. Expected: 2" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0002" Task = "Site tracking users location must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "DefaultGeolocationSetting" ` | Select-Object -ExpandProperty "DefaultGeolocationSetting" if ($regValue -ne 2) { return @{ Message = "Registry value is '$regValue'. Expected: 2" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0005" Task = "Extensions installation must be blacklisted by default." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallBlacklist" ` -Name "1" ` | Select-Object -ExpandProperty "1" if ($regValue -ne "*") { return @{ Message = "Registry value is '$regValue'. Expected: *" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0006" Task = "Extensions that are approved for use must be whitelisted." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallWhitelist" ` -Name "ExtensionInstallWhitelist" ` | Select-Object -ExpandProperty "ExtensionInstallWhitelist" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0009" Task = "Default search provider must be enabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "DefaultSearchProviderEnabled" ` | Select-Object -ExpandProperty "DefaultSearchProviderEnabled" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0011" Task = "The Password Manager must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "PasswordManagerEnabled" ` | Select-Object -ExpandProperty "PasswordManagerEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0013" Task = "The running of outdated plugins must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome" ` -Name "AllowOutdatedPlugins" ` | Select-Object -ExpandProperty "AllowOutdatedPlugins" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0015" Task = "Third party cookies must be blocked." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "BlockThirdPartyCookies" ` | Select-Object -ExpandProperty "BlockThirdPartyCookies" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0017" Task = "Background processing must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "BackgroundModeEnabled" ` | Select-Object -ExpandProperty "BackgroundModeEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0019" Task = "3D Graphics APIs must be disabled. (Note: If 3D APIs are required by mission, this is not a finding.)" Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "Disable3DAPIs" ` | Select-Object -ExpandProperty "Disable3DAPIs" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0020" Task = "Google Data Synchronization must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "SyncDisabled" ` | Select-Object -ExpandProperty "SyncDisabled" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0021" Task = "The URL protocol schema javascript must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlacklist" ` -Name "1" ` | Select-Object -ExpandProperty "1" if ($regValue -ne "javascript://*") { return @{ Message = "Registry value is '$regValue'. Expected: javascript://*" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0023" Task = "Cloud print sharing must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "CloudPrintProxyEnabled" ` | Select-Object -ExpandProperty "CloudPrintProxyEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0025" Task = "Network prediction must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "NetworkPredictionOptions" ` | Select-Object -ExpandProperty "NetworkPredictionOptions" if ($regValue -ne 2) { return @{ Message = "Registry value is '$regValue'. Expected: 2" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0026" Task = "Metrics reporting to Google must be disabled. (Note: This policy will only display in the chrome://policy tab on domain joined systems. On standalone systems, the policy will not display.)" Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "MetricsReportingEnabled" ` | Select-Object -ExpandProperty "MetricsReportingEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0027" Task = "Search suggestions must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "SearchSuggestEnabled" ` | Select-Object -ExpandProperty "SearchSuggestEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0029" Task = "Importing of saved passwords must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "ImportSavedPasswords" ` | Select-Object -ExpandProperty "ImportSavedPasswords" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0030" Task = "Incognito mode must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "IncognitoModeAvailability" ` | Select-Object -ExpandProperty "IncognitoModeAvailability" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0037" Task = "Online revocation checks must be done." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "EnableOnlineRevocationChecks" ` | Select-Object -ExpandProperty "EnableOnlineRevocationChecks" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0038" Task = "Safe Browsing must be enabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "SafeBrowsingEnabled" ` | Select-Object -ExpandProperty "SafeBrowsingEnabled" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0039" Task = "Browser history must be saved." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "SavingBrowserHistoryDisabled" ` | Select-Object -ExpandProperty "SavingBrowserHistoryDisabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0040" Task = "Default behavior must block webpages from automatically running plugins." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "DefaultPluginsSetting" ` | Select-Object -ExpandProperty "DefaultPluginsSetting" if ($regValue -ne 3) { return @{ Message = "Registry value is '$regValue'. Expected: 3" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0051" Task = "URLs must be whitelisted for plugin use" Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "PluginsAllowedForUrls" ` | Select-Object -ExpandProperty "PluginsAllowedForUrls" if ($regValue -ne "Suggested: the set or subset of [*.]mil and [*.]gov") { return @{ Message = "Registry value is '$regValue'. Expected: Suggested: the set or subset of [*.]mil and [*.]gov" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0052" Task = "Deletion of browser history must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "AllowDeletingBrowserHistory" ` | Select-Object -ExpandProperty "AllowDeletingBrowserHistory" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0053" Task = "Prompt for download location must be enabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "PromptForDownloadLocation" ` | Select-Object -ExpandProperty "PromptForDownloadLocation" if ($regValue -ne 1) { return @{ Message = "Registry value is '$regValue'. Expected: 1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0064" Task = "Autoplay must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "AutoplayAllowed" ` | Select-Object -ExpandProperty "AutoplayAllowed" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0056" Task = "Chrome must be configured to allow only TLS." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "SSLVersionMin" ` | Select-Object -ExpandProperty "SSLVersionMin" if ($regValue -ne "tls1.1") { return @{ Message = "Registry value is '$regValue'. Expected: tls1.1" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0057" Task = "Safe Browsing Extended Reporting must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "SafeBrowsingExtendedReportingEnabled" ` | Select-Object -ExpandProperty "SafeBrowsingExtendedReportingEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0058" Task = "WebUSB must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "DefaultWebUsbGuardSetting" ` | Select-Object -ExpandProperty "DefaultWebUsbGuardSetting" if ($regValue -ne 2) { return @{ Message = "Registry value is '$regValue'. Expected: 2" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0060" Task = "Chrome Cleanup must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "ChromeCleanupEnabled" ` | Select-Object -ExpandProperty "ChromeCleanupEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0061" Task = "Chrome Cleanup reporting must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "ChromeCleanupReportingEnabled" ` | Select-Object -ExpandProperty "ChromeCleanupReportingEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0063" Task = "Google Cast must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "EnableMediaRouter" ` | Select-Object -ExpandProperty "EnableMediaRouter" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0066" Task = "Anonymized data collection must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "UrlKeyedAnonymizedDataCollectionEnabled" ` | Select-Object -ExpandProperty "UrlKeyedAnonymizedDataCollectionEnabled" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } } [AuditTest] @{ Id = "DTBC-0067" Task = "Collection of WebRTC event logs must be disabled." Test = { try { $regValue = Get-ItemProperty -ErrorAction Stop ` -Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" ` -Name "WebRtcEventLogCollectionAllowed" ` | Select-Object -ExpandProperty "WebRtcEventLogCollectionAllowed" if ($regValue -ne 0) { return @{ Message = "Registry value is '$regValue'. Expected: 0" Status = "False" } } } catch [System.Management.Automation.PSArgumentException] { return @{ Message = "Registry value not found." Status = "False" } } catch [System.Management.Automation.ItemNotFoundException] { return @{ Message = "Registry key not found." Status = "False" } } return @{ Message = "Compliant" Status = "True" } } }