NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

Checklist Type:

Authority:

Target:

Order By:

Content Type:

Tool Compatibility:

Keyword:

There are 787 matching records. Displaying matches 21 through 40.

Name (Version)	Target	Authority	Last Modified	Resources
CIS Palo Alto Firewall 10 Benchmark (1.1.0)	Palo Alto Networks PAN-OS 10.0.0	Center for Internet Security (CIS)	04/30/2024	Prose - CIS Palo Alto Firewall 10 Benchmark v1.1.0
CIS Google Container-Optimized OS Benchmark (1.1.0)	Google Container-Optimized OS	Center for Internet Security (CIS)	04/30/2024	Prose - CIS Google Container-Optimized OS Benchmark v1.1.0
CIS Palo Alto Firewall 11 Benchmark (1.0.0)	Palo Alto Networks PAN-OS 11.0.0	Center for Internet Security (CIS)	04/30/2024	Prose - CIS Palo Alto Firewall 11 Benchmark v1.0.0
CIS RedHat OpenShift Container Platform Benchmark (1.4.0)	Red Hat OpenShift Container Platform 4.0	Center for Internet Security (CIS)	04/30/2024	Prose - CIS RedHat OpenShift Container Platform Benchmark v1.4.0
Sonoma Guidance (Revision 2.0)	Apple macOS 14.0	NIST, macOS Security Compliance Project	04/30/2024	SCAP 1.3 Content - Sonoma Guidance, Revision 2.0
CIS Oracle Solaris 11.1 Benchmark (1.0.0)	Oracle Solaris 11.1	Center for Internet Security (CIS)	04/30/2024	Prose - CIS Oracle Solaris 11.1 Benchmark v1.0.0
CIS Microsoft Azure Compute Services Benchmark (1.0.0)	Microsoft Azure	Center for Internet Security (CIS)	04/30/2024	Prose - CIS Microsoft Azure Compute Services Benchmark v1.0.0
CIS AWS End User Compute Services Benchmark (1.1.0)	Amazon Web Services	Center for Internet Security (CIS)	04/30/2024	Prose - CIS AWS End User Compute Services Benchmark v1.1.0
Monterey Guidance (Revision 6.0)	Apple macOS 12.0 (Monterey)	NIST, macOS Security Compliance Project	04/30/2024	SCAP 1.3 Content - Monterey Guidance Revision 6.0
Mozilla Firefox STIG (Version 6, Release 5)	Mozilla Firefox	Defense Information Systems Agency	04/19/2024	SCAP 1.2 Content - Mozilla Firefox Linux STIG Benchmark - Ver 6, Rel 4 SCAP 1.2 Content - Mozilla Firefox Windows STIG Benchmark - Ver 6, Rel 5 Automated Content - SCC 5.9 Windows Automated Content - SCC 5.9 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.9 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.9 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.9 RHEL 9/Oracle Linux 9 x86 64 Standalone XCCDF 1.1.4 - Mozilla Firefox STIG - Ver 6, Rel 5
Mirantis Kubernetes Engine (Ver 1, Rel 1)	Mirantis Kubernetes Engine	Defense Information Systems Agency	04/19/2024	Standalone XCCDF 1.1.4 - Mirantis Kubernetes Engine - Ver 1, Rel 1
ISEC7 Sphere STIG (Ver 2, Rel 1)	iSEC7 Enterprise Mobility Management 6.0	Defense Information Systems Agency	04/19/2024	Standalone XCCDF 1.1.4 - ISEC7 Sphere STIG - Ver 2, Rel 1
Red Hat 7 STIG (Ver 3, Rel 14)	Red Hat Enterprise Linux 7.0	Defense Information Systems Agency	04/19/2024	SCAP 1.2 Content - Red Hat Enterprise Linux 7 STIG Benchmark - Ver 3, Rel 14 Automated Content - SCC 5.9 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64 Automated Content - SCC 5.9 RHEL 8/Oracle Linux 8 Aarch64 Automated Content - SCC 5.9 RHEL 8/Oracle Linux 8 x86 64 Automated Content - SCC 5.9 RHEL 9/Oracle Linux 9 x86 64 Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 7 STIG - Ver 3, Rel 14 Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 7 STIG for Ansible - Ver 3, Rel 14 Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 7 STIG for Chef - Ver 3, Rel 8
Canonical Ubuntu 22.04 LTS STIG (Ver 1, Rel 1)	Canonical Ubuntu 22.04 LTS	Defense Information Systems Agency	04/19/2024	Automated Content - SCC 5.9 Ubuntu 22 AMD64 Standalone XCCDF 1.1.4 - Canonical Ubuntu 22.04 LTS STIG - Ver 1, Rel 1
CIS Microsoft Windows 11 Enterprise Benchmark (3.0.0)	Microsoft Windows 11	Center for Internet Security (CIS)	04/19/2024	Prose - CIS Microsoft Windows 11 Enterprise Benchmark v3.0.0
CIS Red Hat Enterprise Linux 8 Benchmark (3.0.0)	Red Hat Enterprise Linux 8.0	Center for Internet Security (CIS)	04/19/2024	Prose - CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0
CIS IBM i V7R5M0 Benchmark (2.0.0)	IBM i System	Center for Internet Security (CIS)	04/19/2024	Prose - CIS IBM i V7R5M0 Benchmark v2.0.0
CIS SUSE Linux Enterprise 15 Benchmark (1.1.1)	SUSE Enterprise Linux 15	Center for Internet Security (CIS)	04/19/2024	Prose - CIS SUSE Linux Enterprise 15 Benchmark v1.1.1
CIS Microsoft Windows 11 Stand-alone Benchmark (2.0.0)	Microsoft Windows 11	Center for Internet Security (CIS)	04/19/2024	Prose - CIS Microsoft Windows 11 Stand-alone Benchmark v2.0.0
Windows Firewall STIG and Advanced Security STIG (Ver 2, Rel 2)	windows firewall	Defense Information Systems Agency	04/19/2024	SCAP 1.2 Content - Microsoft Windows Defender Firewall with Advanced Security STIG Benchmark - Ver 2, Rel 3 Automated Content - SCC 5.9 Windows GPOs - Group Policy Objects (GPOs) - January 2024 Standalone XCCDF 1.1.4 - Microsoft Windows Defender Firewall with Advanced Security STIG - Ver 2, Rel 2

* This checklist is still undergoing review for inclusion into the NCP.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Checklist Program

National Checklist Program

Checklist Repository