STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Google Chrome Current Windows Security Technical Implementation Guide

V-221587

CAT II (Medium)

Prompt for download location must be enabled.

Rule ID

SV-221587r960879_rule

STIG

Google Chrome Current Windows Security Technical Implementation Guide

Version

V2R11

CCIs

CCI-000169

Discussion

If the policy is enabled, the user will be asked where to save each file before downloading. If the policy is disabled, downloads will start immediately, and the user will not be asked where to save the file. If the policy is not configured, the user will be able to change this setting.

Check Content

Universal method:
1. In the omnibox (address bar) type chrome:// policy
2. If "PromptForDownloadLocation" is not displayed under the "Policy Name" column or it is not set to "true" under the "Policy Value" column, then this is a finding.
Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the "PromptForDownloadLocation" value name does not exist or its value data is not set to "1", this is a finding.

Fix Text

Windows group policy:
1. Open the group policy editor tool with gpedit.msc
2. Navigate to Policy Path:  Computer Configuration\Administrative Templates\Google\Google Chrome\
 Policy Name: Ask where to save each file before downloading
 Policy State:  Enabled
 Policy Value: N/A