Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Please note that the current search fields have been adjusted to
reflect NIST SP 800-70 Revision 4.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 558
matching records. Displaying matches 41 through 60.
| Name (Version) |
Target |
Authority |
Last Modified |
Resources |
| zOS ACF2 STIG (Version 6, Release 50) |
IBM OS390
|
Defense Information Systems Agency
|
08/06/2021 |
Standalone XCCDF 1.1.4 - IBM zOS STIG
Standalone XCCDF 1.1.4 - z/OS ACF2 Products - Ver 6, Rel 50
|
| zOS RACF STIG (Version 6, Release 50) |
IBM OS390
|
Defense Information Systems Agency
|
08/06/2021 |
Standalone XCCDF 1.1.4 - IBM zOS STIG
Standalone XCCDF 1.1.4 - z/OS RACF Products - Ver 6, Rel 50
|
| Microsoft SQL Server 2016 STIG (Ver 2, Rel 1) |
Microsoft SQL Server 2016
|
Defense Information Systems Agency
|
08/05/2021 |
Standalone XCCDF 1.1.4 - Microsoft SQL Server 2016 STIG
|
| Microsoft Edge STIG (Ver 1, Rel 2) |
Microsoft Edge
|
Defense Information Systems Agency
|
08/05/2021 |
Standalone XCCDF 1.1.4 - Microsoft Edge STIG - Ver 1, Rel 2
|
| CIS Oracle MySQL Enterprise Edition 8.0 Benchmark (v1.1.0) |
Oracle MySQL Enterprise Edition 8.0
|
Center for Internet Security (CIS)
|
08/05/2021 |
Prose - CIS Oracle MySQL Enterprise Edition 8.0 Benchmark v1.1.0
|
| Microsoft SCOM STIG (Ver 1, Rel 1) |
Microsoft SCOM
|
Defense Information Systems Agency
|
08/03/2021 |
Standalone XCCDF 1.1.4 - Microsoft SCOM STIG - Ver 1, Rel 1
|
| Palo Alto Networks Intrusion Detection and Prevention System (IDPS) STIG (Version 2, Release 1) |
Palo Alto Networks Intrusion Detection and Prevention System
|
Defense Information Systems Agency
|
07/30/2021 |
Standalone XCCDF 1.1.4 - Palo Alto Networks STIG
|
| IBM AIX 7.X STIG (Ver 2, Rel 3) |
IBM AIX 7.1
IBM AIX 7.2
|
Defense Information Systems Agency
|
07/30/2021 |
Standalone XCCDF 1.1.4 - IBM AIX 7.x STIG - Ver 2, Rel 3
|
| PostgreSQL 9.x STIG (Ver 2, Rel 2) |
PostgreSQL 9.x
|
Defense Information Systems Agency
|
07/30/2021 |
Standalone XCCDF 1.1.4 - PostgresSQL 9.x STIG - Ver 2, Rel 2
|
| Palo Alto Networks Network Device Management (NDM) STIG (Ver 2, Rel 1) |
Palo Alto Networks Network Device Management (NDM)
|
Defense Information Systems Agency
|
07/30/2021 |
Standalone XCCDF 1.1.4 - Palo Alto Networks STIG
|
| Palo Alto Networks Application Layer Gateway (ALG) STIG (Version 2, Release 1) |
Palo Alto Networks Application Layer Gateway (ALG)
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Palo Alto Networks STIG
|
| Kubernetes STIG (Ver 1, Rel 2) |
Kubernetes
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Kubernetes STIG - Ver 1, Rel 2
|
| Microsoft SQL Server 2014 STIG (Version 1, Release 1) |
Microsoft SQL Server 2014
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Microsoft SQL Server 2014 STIG
|
| Red Hat Jboss Enterprise Application Platform (EAP) 6.3 STIG (Ver 2, Rel 2) |
Red Hat JBoss Enterprise Application Platform 6.3.0
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Red Hat JBoss Enterprise Application Platform (EAP) 6.3 STIG - Ver 2, Rel 2
|
| Microsoft IIS 8.5 STIG (Ver 2, Rel 1) |
IIS 8.5
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Microsoft IIS 8.5 STIG
|
| Apache Tomcat Application Server 9 STIG (Ver 2, Rel 3) |
Apache Tomcat 9.0
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Apache Tomcat Application Sever 9 STIG - Ver 2, Rel 3
|
| Cisco IOS Switch STIG (Ver 1, Rel 1) |
Cisco IOS
Cisco IOS XE
Cisco NX-OS
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Cisco IOS Switch STIG
Standalone XCCDF 1.1.4 - Cisco IOS-XE Switch STIG
Standalone XCCDF 1.1.4 - Cisco NX-OS Switch STIG
|
| Microsoft IIS 10.0 STIG (Ver 2, Rel 1) |
Microsoft IIS 10
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Microsoft IIS 10.0 STIG
|
| Microsoft Windows 2012 Server DNS STIG (Ver 2, Rel 3) |
Microsoft Windows Server 2012 R2
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Microsoft Windows 2012 Server Domain Name System STIG - Ver 2, Rel 3
|
| Apple OS X 10.14 (Mojave) STIG (Ver 2, Rel 4) |
Apple OS X 10.14
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Apple OS X 10.14 STIG - Ver 2, Rel 4
|
* This checklist is still undergoing review for
inclusion into the NCP.
