U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 787 matching records. Displaying matches 441 through 460.

Name (Version) Target Authority Last Modified Resources
Samsung Android 12 with Knox 3.x (Y22M07) Google Android 12
Defense Information Systems Agency
08/01/2022 Standalone XCCDF 1.1.4 - Samsung Android 12 with Knox 3.x STIG
Windows 8/8.1 STIG (Version 1, Release 23) Microsoft Windows 8 x64 (64-bit)
Microsoft Windows 8 x86 (32-bit)
Microsoft Windows 8.1 (x64)
Microsoft Windows 8.1 (x86)
Defense Information Systems Agency
06/10/2022 SCAP 1.2 Content - Sunset - Microsoft Windows 8/8.1 STIG Benchmark - Ver 1, Rel 22
GPOs - Group Policy Objects (GPOs) - May 2022
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 8/8.1 STIG - Ver 1, Rel 23
Adobe Acrobat Reader DC Classic Track (Version 2, Release 1) Adobe Acrobat Reader
Defense Information Systems Agency
06/02/2022 SCAP 1.2 Content - Sunset - Adobe Acrobat Reader DC Classic Track STIG Benchmark - Ver 2, Rel 1
Automated Content - SCC 5.4.2 Windows
Standalone XCCDF 1.1.4 - Sunset - Adobe Acrobat Reader DC Classic Track STIG - Ver 2, Rel 1
Microsoft Windows 2012 Server DNS STIG (Ver 2, Rel 5) Microsoft Windows Server 2012 R2
Defense Information Systems Agency
05/29/2022 Standalone XCCDF 1.1.4 - Microsoft Windows 2012 Server Domain Name System STIG - Ver 2, Rel 5
Cisco IOS XE Release 3 Router STIG (Version 1 Release 3) Cisco IOS XE
Defense Information Systems Agency
04/29/2022 Standalone XCCDF 1.1.4 - Sunset - Cisco IOS XE Release 3 NDM STIG - Ver 1, Rel 5
Standalone XCCDF 1.1.4 - Sunset - Cisco IOS XE Release 3 RTR STIG - Ver 1, Rel 3
Sharepoint 2013 (Version 2, Release 3) Microsoft Sharepoint Server 2013
Defense Information Systems Agency
04/28/2022 Standalone XCCDF 1.1.4 - Microsoft SharePoint 2013 STIG - Ver 2, Rel 3
CIS Oracle MySQL Enterprise Edition 5.7 Benchmark (v2.0.0) Oracle MySQL Enterprise Edition 5.7
Center for Internet Security (CIS)
04/27/2022 Prose - CIS Oracle MySQL Enterprise Edition 5.7 Benchmark v2.0.0
CIS Oracle MySQL Enterprise Edition 5.6 Benchmark (2.0.0) Oracle MySQL Enterprise Edition 5.6
Center for Internet Security (CIS)
04/27/2022 Prose - CIS Oracle MySQL Enterprise Edition 5.6 Benchmark v2.0.0
CIS Oracle MySQL Community Server 5.6 Benchmark (2.0.0) MySQL 5.6
Center for Internet Security (CIS)
04/27/2022 Prose - CIS ORACLE MYSQL COMMUNITY SERVER 5.6 BENCHMARK V2.0.0
CIS Oracle MySQL Community Server 5.7 Benchmark (2.0.0) Oracle MySQL Community Server 5.7
Center for Internet Security (CIS)
04/27/2022 Prose - CIS Oracle MySQL Community Server 5.7 Benchmark v2.0.0
CIS Palo Alto Firewall 8 Benchmark (1.0.0) Palo Alto Networks Network Device Management (NDM)
Center for Internet Security (CIS)
04/27/2022 Prose - CIS Palo Alto Firewall 8 Benchmark, 1.0.0
CIS ISC BIND DNS Server 9.9 Benchmark (3.0.1) ISC BIND 9.9
Center for Internet Security (CIS)
04/27/2022 Prose - CIS ISC BIND DNS Server 9.9 Benchmark v3.0.1
Apple OS X 10.14 (Mojave) STIG (Ver 2, Rel 6) Apple OS X 10.14
Defense Information Systems Agency
04/25/2022 Standalone XCCDF 1.1.4 - Sunset - Apple macOS 10.14 STIG - Ver 2, Rel 6
Apple OS X 10.13 STIG (Ver 2, Rel 5) Apple macOS 10.13
Defense Information Systems Agency
04/25/2022 Standalone XCCDF 1.1.4 - Sunset - Apple macOS 10.13 STIG - Ver 2, Rel 5
Catalina Guidance (Revision 6) Apple OS X 10.15
NIST, macOS Security Compliance Project
03/18/2022 SCAP 1.3 Content - Catalina Guidance
CIS Apache HTTP Server 2.2 Benchmark (3.6.0) Apache HTTP Server 2.2
Center for Internet Security (CIS)
02/11/2022 Prose - CIS Apache HTTP Server 2.2 Benchmark v3.6.0
CIS Apple iOS 10 Benchmark (2.0.0) Apple iOS 10
Center for Internet Security (CIS)
02/11/2022 Prose - CIS Apple iOS 10 Benchmark v2.0.0
CIS PostgreSQL 11 Benchmark (1.0.0) PostgreSQL 11
Center for Internet Security (CIS)
02/11/2022 Prose - CIS PostgreSQL 12 Benchmark v1.0.0
CIS MongoDB 3.2 Benchmark (1.0.0) MongoDB 3.2
Center for Internet Security (CIS)
02/11/2022 Prose - CIS MongoDB 3.2 Benchmark v1.0.0
CIS MongoDB 3.4 Benchmark (1.0.0) MongoDB 3.4
Center for Internet Security (CIS)
02/11/2022 Prose - CIS MongoDB 3.4 Benchmark v1.0.0
* This checklist is still undergoing review for inclusion into the NCP.