Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Please note that the current search fields have been adjusted to
reflect NIST SP 800-70 Revision 4.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 832
matching records. Displaying matches 141 through 160.
| Name (Version) |
Target |
Authority |
Last Modified |
Resources |
| Microsoft Exchange Server 2016 STIG (Y25M01) |
Microsoft Exchange Server 2016
|
Defense Information Systems Agency
|
01/29/2025 |
Standalone XCCDF 1.1.4 - Microsoft Exchange 2016 STIG
|
| Forescout STIG (Y25M01) |
Forescout Enterprise Manager
|
Defense Information Systems Agency
|
01/29/2025 |
Standalone XCCDF 1.1.4 - Forescout STIG
|
| Google Android 14 STIG (Y25M01) |
Google Android 14
|
Defense Information Systems Agency
|
01/29/2025 |
Standalone XCCDF 1.1.4 - Google Android 14 STIG
|
| Google Android 13 STIG (Y25M01) |
Google Android 13
|
Defense Information Systems Agency
|
01/29/2025 |
Standalone XCCDF 1.1.4 - Google Android 13 STIG
|
| Ivanti Sentry 9.x STIG (Y24M10) |
Ivanti MobileIron Sentry 9.x
|
Defense Information Systems Agency
|
12/23/2024 |
Standalone XCCDF 1.1.4 - Sunset - Ivanti MobileIron Sentry 9.x STIG - Ver 1, Rel 1
Standalone XCCDF 1.1.4 - Ivanti Sentry 9.x STIG
|
| iOS/iPadOS 18 Guidance (Revision 1.1) |
Apple iPhone OS 18.0
|
NIST, macOS Security Compliance Project
|
12/19/2024 |
ZIP - iOS/iPadOS 18 Guidance, Revision 1.1
|
| Sequoia Guidance (Revision 1.1) |
Apple MacOS 15.0
|
NIST, macOS Security Compliance Project
|
12/19/2024 |
SCAP 1.3 Content - Sequoia Guidance, Revision 1.0
|
| Sonoma Guidance (Revision 3.1) |
Apple macOS 14.0
|
NIST, macOS Security Compliance Project
|
12/19/2024 |
SCAP 1.3 Content - Sonoma Guidance, Revision 3.1
|
| Ventura Guidance (Revision 5.1) |
Apple macOS 13.0 (Ventura)
|
NIST, macOS Security Compliance Project
|
12/19/2024 |
SCAP 1.3 Content - Ventura Guidance, Revision 5.1
|
| Ivanti MobileIron Core MDM Server STIG (Ver 2, Rel 1) |
Ivanti MobileIron Core
|
Defense Information Systems Agency
|
12/17/2024 |
Standalone XCCDF 1.1.4 - Ivanti MobileIron Core MDM Server STIG - Ver 2, Rel 1
|
| Excel 2010 STIG (Version 1, Release 11) |
Microsoft Excel 2010
|
Defense Information Systems Agency
|
12/17/2024 |
Standalone XCCDF 1.1.4 - Microsoft Excel 2010 STIG - Ver 1, Rel 11
|
| Tri-Lab Operating System Stack (TOSS) 4 STIG Benchmark (Ver 2, Rel 2) |
Tri-Lab Operating System Stack (TOSS)
|
Defense Information Systems Agency
|
12/12/2024 |
SCAP 1.3 Content - Tri-Lab Operating System Stack (TOSS) 4 STIG Benchmark - Ver 2, Rel 2
SCAP 1.2 Content - Sunset - TOSS 4 STIG Benchmark - Ver 1, Rel 3
Standalone XCCDF 1.1.4 - Rev. 4 Sunset - Tri-Lab Operating System Stack (TOSS) 4 STIG - Ver 1, Rel 3
|
| Apple macOS 12 (Monterey) STIG (Ver 1, Rel 9) |
Apple macOS 12.0 (Monterey)
|
Defense Information Systems Agency
|
12/09/2024 |
Standalone XCCDF 1.1.4 - Sunset - Apple macOS 12 STIG - Ver 1, Rel 9
|
| Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.61-91) |
IBM z/OS Version 2, Release 4
IBM z/OS Version 2, Release 5
|
Vanguard Integrity Professionals, Inc.
|
11/29/2024 |
ZIP - Vanguard z/OS RACF Checklist 6.61/91 XML version
ZIP - Vanguard z/OS RACF Checklist 6.61/91 PDF version
|
| CIS Microsoft SQL Server 2019 (1.3.0) |
Microsoft SQL Server 2019
|
Center for Internet Security (CIS)
|
11/14/2024 |
Prose - CIS Microsoft SQL Server 2019 Benchmark v1.3.0
|
| NetApp ONTAP DSC 9.X STIG (Ver 2, Rel 2) |
NetApp ONTAP DSC 9.x
|
Defense Information Systems Agency
|
11/05/2024 |
Standalone XCCDF 1.1.4 - NetApp ONTAP DSC 9.x STIG - Ver 2, Rel 2
|
| Microsoft Azure SQL Database STIG (Ver 2, Rel 2) |
Microsoft Azure
|
Defense Information Systems Agency
|
11/05/2024 |
Standalone XCCDF 1.1.4 - Microsoft Azure SQL Database STIG - Ver 2, Rel 2
|
| MarkLogic Server v9 STIG (Ver 3, Rel 2) |
MarkLogic Server v9
|
Defense Information Systems Agency
|
11/05/2024 |
Standalone XCCDF 1.1.4 - MarkLogic Server v9 STIG - Ver 3, Rel 2
|
| CA IDMS STIG (Ver 2, Rel 1) |
Broadcom CA IDMS
|
Defense Information Systems Agency
|
11/05/2024 |
Standalone XCCDF 1.1.4 - CA IDMS STIG - Ver 2, Rel 1
|
| ISEC7 Sphere STIG (Ver 3, Rel 1) |
iSEC7 Enterprise Mobility Management 6.0
|
Defense Information Systems Agency
|
11/05/2024 |
Standalone XCCDF 1.1.4 - ISEC7 Sphere STIG - Ver 3, Rel 1
|
* This checklist is still undergoing review for
inclusion into the NCP.
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
