U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 588 matching records. Displaying matches 1 through 20.

Name (Version) Target Authority Last Modified Resources
Microsoft Security Compliance Manager Internet Explorer 9 (1.0) Microsoft Internet Explorer 9
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft Internet Explorer 9 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows Server 2012 (1.0) Microsoft Windows Server 2012 R2
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft Windows Server 2012 AD Certificate Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 DHCP Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 DNS Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Domain Controller Security Compliance (generated from Microsoft SCM)
SCAP 1.0 Content - Microsoft Windows Server 2012 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 File Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Hyper-V Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Network Access Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Print Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Remote Access Services Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Remote Desktop Services Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Web Server Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows 8 (1.0) Microsoft Windows 8
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft Windows 8 Bitlocker (generated from Microsoft Security Compliance Manager Tool).
SCAP 1.0 Content - Microsoft Windows 8 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows 8 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows 8.1 (1.0) Microsoft Windows 8.1 (x64)
Microsoft Windows 8.1 (x86)
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft Windows 8.1 BitLocker Security (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows 8.1 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows 8.1 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Internet Explorer 11 (1.0) Microsoft Internet Explorer 11
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft IE11 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager Internet Explorer 10 (1.0) Microsoft Internet Explorer 10
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft IE10 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Internet Explorer 8 (1.0) Microsoft Internet Explorer 8
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft IE8 Computer Security Compliance Baseline (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows Server 2012 R2 (1.0) Microsoft Windows Server 2012 R2
Microsoft Corporation
09/23/2022 SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Domain Controler Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows 10 1607 (1.0) Microsoft Windows 10 1607
Microsoft Corporation
09/19/2022 SCAP 1.0 Content - Microsoft Windows 10 1607 BitLocker Security (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows 10 1607 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows 10 1607 Credential Guard Security (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows 10 1607 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
GPOs - Windows 10 1607 Security Baseline
Microsoft Security and Compliance Manager - Windows Server 2016 (1.0) Microsoft Windows Server 2016
Microsoft Corporation
09/19/2022 SCAP 1.0 Content - Microsoft Windows Server 2016 Domain Controller Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2016 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2016 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
GPOs - Windows 10 1607 Security Baseline
DoD Consensus Security Configuration Checklist for Microsoft Windows 7 (1.0) Microsoft Windows 7
Department of Defense
09/19/2022 Prose - DOD Windows 7 security recommendations
Azure Security Benchmark (1.0) Microsoft Azure
Microsoft Corporation
09/19/2022 Prose - Azure Security Benchmark
Microsoft Windows 10 1511 (1.0) Microsoft Windows 10 1511 32-bit
Microsoft Windows 10 1511 64-bit
Microsoft Corporation
09/19/2022 Prose - Microsoft Windows 10 1511
CIS Windows XP Professional Benchmark (v3.1.0) Microsoft Windows XP Professional
Center for Internet Security (CIS)
09/19/2022 Prose - CIS Windows XP Professional Benchmark v3.1.0
CIS Windows 2003 Server Domain Controller Benchmark (v2.0.0) Microsoft Windows Server 2003
Center for Internet Security (CIS)
09/19/2022 Prose - CIS Windows 2003 Server Domain Controller Benchmark v2.0.0
CIS Windows 2003 Server Member Server Benchmark (v2.0.0) Microsoft Windows Server 2003
Center for Internet Security (CIS)
09/19/2022 Prose - CIS Windows 2003 Server Member Server Benchmark v2.0.0
VMware NSX STIG (Version 1) VMware NSX
Defense Information Systems Agency
09/19/2022 Standalone XCCDF 1.1.4 - VMware NSX Distributed Logical Router STIG, Ver 1
Standalone XCCDF 1.1.4 - VMware NSX Manager STIG, Ver 1
VMWare Horizon 7.13 STIG (Ver 1, Rel 1) VMWare Horizon
Defense Information Systems Agency
09/16/2022 Standalone XCCDF 1.1.4 - VMware Horizon 7.13 STIG - Ver 1, Rel 1
CIS IBM AIX 5.3 - AIX 6.1 Benchmark (1.1.0) IBM AIX 5.3
IBM AIX 6.1
Center for Internet Security (CIS)
09/16/2022 Prose - CIS IBM AIX 5.3 - AIX 6.1 Benchmark 1.1.0
Motorola Solutions Android 11 (Ver 1, Rel 2) Google Android 11.0
Defense Information Systems Agency
09/12/2022 Standalone XCCDF 1.1.4 - Motorola Solutions Android 11 - Ver 1, Rel 2
* This checklist is still undergoing review for inclusion into the NCP.