Back
🔒
Microsoft Edge STIG Implementation
Hard
19 items
·
4 hours
testuser
Published 4 months ago
A practical checklist to implement the Microsoft Edge Security Technical Implementation Guide (STIG) in managed environments. Ideal for IT admins and security teams who need to apply DISA guidance, deploy GPO/Intune settings, scan for compliance, and maintain ongoing configuration control.
Progress
0 / 19
- Review Microsoft Edge STIG document (Ver 2, Rel 4) — Read DISA guidance for the Chromium-based Edge to understand required settings.
- Define scope and inventory affected systems — List OS versions, Edge builds, device groups, and OUs in scope.
- Backup current browser configurations and GPOs — Export existing GPOs and save Edge profile settings before changes.
- Download and verify STIG resources — Get SCAP 1.3 content, XCCDF, GPO package, and Intune policies; check SHAs.
- Review change history and DISA updates — Check recent updates and resource changes through the latest dates.
- Map STIG settings to organizational policy and exceptions — Document which STIG controls apply and note any approved exceptions.
- Configure Group Policy Objects (GPO)
- Import GPO package into your domain controller — Use the provided GPO files from DISA for faster deployment.
- Link GPO to target OUs and enforce where required — Apply to device/user OUs and verify replication across domain controllers.
- Configure Intune policies for managed endpoints
- Import and assign Intune policy package to device groups — Apply Intune settings to applicable device groups and users.
- Monitor policy deployment and replication — Confirm GPO/Intune deployment success and check for errors.
- Apply local browser settings where GPO/Intune are not available — Manually set critical options on unmanaged or legacy systems.
- Run automated SCAP/SCC compliance scans — Use the SCAP 1.3 content or SCC tooling to scan endpoints.
- Review scan results and generate findings — Prioritize findings by severity and document affected hosts.
- Remediate non-compliant findings — Apply fixes, update policies, or document accepted risks.
- Perform manual testing of critical browser functionality — Test authentication, extensions, and enterprise features after changes.
- Document configuration, change control, and retention — Record applied settings, versions, approval records, and backup locations.
- Establish ongoing review and update schedule — Plan periodic STIG reviews and monitor DISA updates and SHAs.
Your Stats
🏆
0
Completed
📅
—
Last Done
⏱️
—
Last Time
Completion Rate
Items checked per run
⚡
—
Fastest Run
🔥
0
Streak
🚫
—
Most Skipped Step
🔄
0
Resets
📝 My Notes