Check: DTBC-0053
      
      
        
  Google Chrome Current Windows STIG:
  DTBC-0053
  
    (in versions v2 r11 through v1 r13)
  
      
      
    
  Title
Prompt for download location must be enabled. (Cat II impact)
Discussion
If the policy is enabled, the user will be asked where to save each file before downloading. If the policy is disabled, downloads will start immediately, and the user will not be asked where to save the file. If the policy is not configured, the user will be able to change this setting.
Check Content
Universal method: 1. In the omnibox (address bar) type chrome:// policy 2. If "PromptForDownloadLocation" is not displayed under the "Policy Name" column or it is not set to "true" under the "Policy Value" column, then this is a finding. Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Chrome\ 3. If the "PromptForDownloadLocation" value name does not exist or its value data is not set to "1", this is a finding.
Fix Text
Windows group policy: 1. Open the group policy editor tool with gpedit.msc 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\ Policy Name: Ask where to save each file before downloading Policy State: Enabled Policy Value: N/A
Additional Identifiers
Rule ID: SV-221587r960879_rule
Vulnerability ID: V-221587
Group Title: SRG-APP-000089
Expert Comments
      
        
        
      
      
        
  CCIs
      
      
        
        
      
    
  | Number | Definition | 
|---|---|
| CCI-000169 | Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2 a on organization-defined information system components. | 
      
        
        
      
      
        
  Controls
      
      
        
        
      
    
  | Number | Title | 
|---|---|
| AU-12 | Audit Record Generation |