1297 lines
40 KiB
PowerShell
1297 lines
40 KiB
PowerShell
[AuditTest] @{
|
|
Id = "DTBC-0001"
|
|
Task = "Firewall traversal from remote host must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "RemoteAccessHostFirewallTraversal" `
|
|
| Select-Object -ExpandProperty "RemoteAccessHostFirewallTraversal"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0003"
|
|
Task = "Sites ability for showing desktop notifications must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "DefaultNotificationsSetting" `
|
|
| Select-Object -ExpandProperty "DefaultNotificationsSetting"
|
|
|
|
if ($regValue -ne 2) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 2"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0004"
|
|
Task = "Sites ability to show pop-ups must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "DefaultPopupsSetting" `
|
|
| Select-Object -ExpandProperty "DefaultPopupsSetting"
|
|
|
|
if ($regValue -ne 2) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 2"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0002"
|
|
Task = "Site tracking users location must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "DefaultGeolocationSetting" `
|
|
| Select-Object -ExpandProperty "DefaultGeolocationSetting"
|
|
|
|
if ($regValue -ne 2) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 2"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0005"
|
|
Task = "Extensions installation must be blacklisted by default."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallBlacklist" `
|
|
-Name "1" `
|
|
| Select-Object -ExpandProperty "1"
|
|
|
|
if ($regValue -ne "*") {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: *"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0006"
|
|
Task = "Extensions that are approved for use must be whitelisted."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallWhitelist" `
|
|
-Name "ExtensionInstallWhitelist" `
|
|
| Select-Object -ExpandProperty "ExtensionInstallWhitelist"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0009"
|
|
Task = "Default search provider must be enabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "DefaultSearchProviderEnabled" `
|
|
| Select-Object -ExpandProperty "DefaultSearchProviderEnabled"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0011"
|
|
Task = "The Password Manager must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "PasswordManagerEnabled" `
|
|
| Select-Object -ExpandProperty "PasswordManagerEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0013"
|
|
Task = "The running of outdated plugins must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome" `
|
|
-Name "AllowOutdatedPlugins" `
|
|
| Select-Object -ExpandProperty "AllowOutdatedPlugins"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0015"
|
|
Task = "Third party cookies must be blocked."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "BlockThirdPartyCookies" `
|
|
| Select-Object -ExpandProperty "BlockThirdPartyCookies"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0017"
|
|
Task = "Background processing must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "BackgroundModeEnabled" `
|
|
| Select-Object -ExpandProperty "BackgroundModeEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0019"
|
|
Task = "3D Graphics APIs must be disabled. (Note: If 3D APIs are required by mission, this is not a finding.)"
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "Disable3DAPIs" `
|
|
| Select-Object -ExpandProperty "Disable3DAPIs"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0020"
|
|
Task = "Google Data Synchronization must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "SyncDisabled" `
|
|
| Select-Object -ExpandProperty "SyncDisabled"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0021"
|
|
Task = "The URL protocol schema javascript must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\URLBlacklist" `
|
|
-Name "1" `
|
|
| Select-Object -ExpandProperty "1"
|
|
|
|
if ($regValue -ne "javascript://*") {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: javascript://*"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0023"
|
|
Task = "Cloud print sharing must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "CloudPrintProxyEnabled" `
|
|
| Select-Object -ExpandProperty "CloudPrintProxyEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0025"
|
|
Task = "Network prediction must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "NetworkPredictionOptions" `
|
|
| Select-Object -ExpandProperty "NetworkPredictionOptions"
|
|
|
|
if ($regValue -ne 2) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 2"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0026"
|
|
Task = "Metrics reporting to Google must be disabled. (Note: This policy will only display in the chrome://policy tab on domain joined systems. On standalone systems, the policy will not display.)"
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "MetricsReportingEnabled" `
|
|
| Select-Object -ExpandProperty "MetricsReportingEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0027"
|
|
Task = "Search suggestions must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "SearchSuggestEnabled" `
|
|
| Select-Object -ExpandProperty "SearchSuggestEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0029"
|
|
Task = "Importing of saved passwords must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "ImportSavedPasswords" `
|
|
| Select-Object -ExpandProperty "ImportSavedPasswords"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0030"
|
|
Task = "Incognito mode must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "IncognitoModeAvailability" `
|
|
| Select-Object -ExpandProperty "IncognitoModeAvailability"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0037"
|
|
Task = "Online revocation checks must be done."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "EnableOnlineRevocationChecks" `
|
|
| Select-Object -ExpandProperty "EnableOnlineRevocationChecks"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0038"
|
|
Task = "Safe Browsing must be enabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "SafeBrowsingEnabled" `
|
|
| Select-Object -ExpandProperty "SafeBrowsingEnabled"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0039"
|
|
Task = "Browser history must be saved."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "SavingBrowserHistoryDisabled" `
|
|
| Select-Object -ExpandProperty "SavingBrowserHistoryDisabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0040"
|
|
Task = "Default behavior must block webpages from automatically running plugins."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "DefaultPluginsSetting" `
|
|
| Select-Object -ExpandProperty "DefaultPluginsSetting"
|
|
|
|
if ($regValue -ne 3) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 3"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0051"
|
|
Task = "URLs must be whitelisted for plugin use"
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "PluginsAllowedForUrls" `
|
|
| Select-Object -ExpandProperty "PluginsAllowedForUrls"
|
|
|
|
if ($regValue -ne "Suggested: the set or subset of [*.]mil and [*.]gov") {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: Suggested: the set or subset of [*.]mil and [*.]gov"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0052"
|
|
Task = "Deletion of browser history must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "AllowDeletingBrowserHistory" `
|
|
| Select-Object -ExpandProperty "AllowDeletingBrowserHistory"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0053"
|
|
Task = "Prompt for download location must be enabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "PromptForDownloadLocation" `
|
|
| Select-Object -ExpandProperty "PromptForDownloadLocation"
|
|
|
|
if ($regValue -ne 1) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0064"
|
|
Task = "Autoplay must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "AutoplayAllowed" `
|
|
| Select-Object -ExpandProperty "AutoplayAllowed"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0056"
|
|
Task = "Chrome must be configured to allow only TLS."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "SSLVersionMin" `
|
|
| Select-Object -ExpandProperty "SSLVersionMin"
|
|
|
|
if ($regValue -ne "tls1.1") {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: tls1.1"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0057"
|
|
Task = "Safe Browsing Extended Reporting must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "SafeBrowsingExtendedReportingEnabled" `
|
|
| Select-Object -ExpandProperty "SafeBrowsingExtendedReportingEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0058"
|
|
Task = "WebUSB must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "DefaultWebUsbGuardSetting" `
|
|
| Select-Object -ExpandProperty "DefaultWebUsbGuardSetting"
|
|
|
|
if ($regValue -ne 2) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 2"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0060"
|
|
Task = "Chrome Cleanup must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "ChromeCleanupEnabled" `
|
|
| Select-Object -ExpandProperty "ChromeCleanupEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0061"
|
|
Task = "Chrome Cleanup reporting must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "ChromeCleanupReportingEnabled" `
|
|
| Select-Object -ExpandProperty "ChromeCleanupReportingEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0063"
|
|
Task = "Google Cast must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "EnableMediaRouter" `
|
|
| Select-Object -ExpandProperty "EnableMediaRouter"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0066"
|
|
Task = "Anonymized data collection must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "UrlKeyedAnonymizedDataCollectionEnabled" `
|
|
| Select-Object -ExpandProperty "UrlKeyedAnonymizedDataCollectionEnabled"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "DTBC-0067"
|
|
Task = "Collection of WebRTC event logs must be disabled."
|
|
Test = {
|
|
try {
|
|
$regValue = Get-ItemProperty -ErrorAction Stop `
|
|
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\" `
|
|
-Name "WebRtcEventLogCollectionAllowed" `
|
|
| Select-Object -ExpandProperty "WebRtcEventLogCollectionAllowed"
|
|
|
|
if ($regValue -ne 0) {
|
|
return @{
|
|
Message = "Registry value is '$regValue'. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
}
|
|
catch [System.Management.Automation.PSArgumentException] {
|
|
return @{
|
|
Message = "Registry value not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
catch [System.Management.Automation.ItemNotFoundException] {
|
|
return @{
|
|
Message = "Registry key not found."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|