U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 868 matching records. Displaying matches 301 through 320.

Name (Version) Target Authority Last Modified Resources
FedRAMP Moderate for Red Hat OpenStack Platform 13 (v1) Red Hat OpenStack Platform 13.0
 Red Hat
 08/27/2024 Security Template - NIST 800-53 Control Applicability Guide for Red Hat OpenStack Platform 13
Security Template - FedRAMP Moderate Template SSP for Red Hat OpenStack Platform 13
Vanguard Compliance Manager z/OS RACF Checklist for completing a automated SRR Audit for Stig (6.44/71,6.45/72 and 6.46/73) IBM z/OS Version 2, Release 5
 Vanguard Integrity Professionals, Inc.
 08/27/2024 ZIP - Vanguard z/OS RACF Checklist 6.44-6.46/7.1-7.3(For Z/OS V2R4 release)
ForeScout CounterACT STIG (Version 2) ForeScout CounterACT ALG
ForeScout CounterACT NDM
 Defense Information Systems Agency
 08/21/2024 Standalone XCCDF 1.1.4 - Sunset - ForeScout CounterACT ALG STIG - Ver 1, Rel 3
Standalone XCCDF 1.1.4 - Sunset - ForeScout CounterACT NDM STIG Ver 1, Rel 2
Oracle 11.2g Database STIG (Version 2, Release 4) Oracle Database 11g 11.2
 Defense Information Systems Agency
 08/21/2024 Standalone XCCDF 1.1.4 - Oracle Database 11.2g STIG - Ver 2, Rel 4
Project 2013 STIG (Version 1, Release 5) Microsoft Project 2013
 Defense Information Systems Agency
 08/20/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft Project 2013 STIG - Ver 1, Rel 5
Motorola Solutions Android 11 (Ver 1, Rel 3) Google Android 11.0
 Defense Information Systems Agency
 08/20/2024 Standalone XCCDF 1.1.4 - Sunset - Motorola Solutions Android 11 STIG - Ver 1, Rel 3
Microsoft Word 2010 STIG (Ver 1, Rel 12) Microsoft Word 2010
 Defense Information Systems Agency
 08/20/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft Word 2010 STIG - Ver 1, Rel 12
Docker Enterprise 2.x Linux/UNIX STIG (Ver 2 Rel 2) Docker Enterprise 2.0.0
 Defense Information Systems Agency
 08/20/2024 Machine-Readable Format - Docker Enterprise 2.x Linux/Unix STIG for Ansible - Ver 1, Rel 1
Standalone XCCDF 1.1.4 - Docker Enterprise 2.x Linux/Unix - Ver 2, Rel 1
Standalone XCCDF 1.1.4 - Sunset - Docker Enterprise 2.x Linux/Unix STIG - Ver 2, Rel 2
Samsung Android 11 Knox 3.x (Ver 1, Rel 1) Google Android 11.0
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Samsung Android 11 Knox 3.x STIG
PostgreSQL 9.x STIG (Ver 2, Rel 5) PostgreSQL 9.x
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - PostgreSQL 9.x STIG - Ver 2, Rel 5
Publisher 2010 STIG (Version 1, Release 12) Microsoft Publisher 2010
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft Publisher 2010 STIG - Ver 1, Rel 12
Project 2010 STIG (Version 1, Release 10) Microsoft Project 2010
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft Project 2010 STIG - Ver 1, Rel 10
PowerPoint 2010 STIG (Version 1, Release 11) Microsoft PowerPoint 2010
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft PowerPoint 2010 STIG - Ver 1, Rel 11
Office System 2010 STIG (Version 1, Release 13) Microsoft Office System 2010
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Microsoft Office System 2010 STIG - Ver 1, Rel 13
Microsoft Windows 2012 Server DNS STIG (Ver 2, Rel 7) Microsoft Windows Server 2012 R2
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2012 Server Domain Name System STIG - Ver 2, Rel 7
Publisher 2013 STIG (Version 1, Release 6) Microsoft Publisher 2013
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft Publisher 2013 STIG - Ver 1, Rel 6
PowerPoint 2013 STIG (Version 1, Release 7) Microsoft Power Point 2013
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft PowerPoint 2013 STIG - Ver 1, Rel 7
Infopath 2010 STIG (Version 1, Release 12) Microsoft InfoPath 2010
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft InfoPath 2010 STIG - Ver 1, Rel 12
Microsoft Android 11 STIG (Y24M07) Google Android 11.0
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - Microsoft Android 11 STIG
IBM MQ Appliance v9-0 STIG (V1) IBM MQ Appliance v9-0
 Defense Information Systems Agency
 08/15/2024 Standalone XCCDF 1.1.4 - Sunset - IBM MQ Appliance V9-0 STIG
* This checklist is still undergoing review for inclusion into the NCP.