Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Please note that the current search fields have been adjusted to
reflect NIST SP 800-70 Revision 4.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 843
matching records. Displaying matches 501 through 520.
| Name (Version) |
Target |
Authority |
Last Modified |
Resources |
| CIS Microsoft SQL Server 2014 Benchmark (1.5.0) |
Microsoft SQL Server 2014
|
Center for Internet Security (CIS)
|
08/31/2023 |
Prose - CIS Microsoft SQL Server 2014 Benchmark v1.5.0
|
| CIS FreeBSD 4.10 Benchmark (v1.0.5) |
FreeBSD 4.10
|
Center for Internet Security (CIS)
|
08/31/2023 |
Prose - CIS FreeBSD 4.10 Benchmark v1.0.5
|
| CIS IBM AIX 5.3 - AIX 6.1 Benchmark (1.1.0) |
IBM AIX 5.3
IBM AIX 6.1
|
Center for Internet Security (CIS)
|
08/31/2023 |
Prose - CIS IBM AIX 5.3 - AIX 6.1 Benchmark 1.1.0
|
| CIS Microsoft Windows 7 Workstation Benchmark (3.1.0) |
Microsoft Windows 7
Microsoft Windows 7 32-bit
Microsoft Windows 7 64-bit
|
Center for Internet Security (CIS)
|
08/31/2023 |
Prose - CIS Microsoft Windows 7 Workstation Benchmark v3.1.0
|
| CIS Microsoft SQL Server 2019 (1.2.0) |
Microsoft SQL Server 2019
|
Center for Internet Security (CIS)
|
08/31/2023 |
Prose - CIS Microsoft SQL Server 2019 Benchmark v1.2.0
|
| CIS Exchange Server 2007 Benchmark (Version 1.1.0) |
Exchange 2007 for Windows Server 2003
|
Center for Internet Security (CIS)
|
08/31/2023 |
Prose - CIS Exchange Server 2007 Benchmark v1.1.0
|
| CIS Microsoft SQL Server 2012 Benchmark (1.6.0) |
Microsoft SQL Server 2012
|
Center for Internet Security (CIS)
|
08/31/2023 |
Prose - CIS Microsoft SQL Server 2014 Benchmark v1.6.0
|
| Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.56-10) |
IBM z/OS Version 2, Release 4
IBM z/OS Version 2, Release 5
|
Vanguard Integrity Professionals, Inc.
|
08/14/2023 |
ZIP - Vanguard z/OS RACF Checklist 6.54/8.7 PDF version
ZIP - Vanguard z/OS RACF Checklist 6.56/10 XML version
|
| Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.55-89) |
IBM z/OS Version 2, Release 4
IBM z/OS Version 2, Release 5
|
Vanguard Integrity Professionals, Inc.
|
08/14/2023 |
ZIP - Vanguard z/OS RACF Checklist 6.54/8.7 PDF version
ZIP - Vanguard z/OS RACF Checklist 6.54/8.7 XML version
|
| Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.53-87) |
IBM z/OS Version 2, Release 3
IBM z/OS Version 2, Release 4
IBM z/OS Version 2, Release 5
|
Vanguard Integrity Professionals, Inc.
|
07/28/2023 |
ZIP - Vanguard z/OS RACF Checklist 6.53/8.7 PDF version
|
| NIST SP 800-179 (1.0) |
Apple OS X 10.10
|
NIST, Computer Security Division
|
07/25/2023 |
Machine-Readable Format - GitHub repository for Apple OS X 10.10 Baselines
Prose - Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)
|
| VMware NSX-T Data Center STIG (Y23M07) |
VMware NSX
|
Defense Information Systems Agency
|
07/25/2023 |
Standalone XCCDF 1.1.4 - VMware NSX-T Data Center STIG
|
| Fortinet FortiGate Firewall STIG (Y23M07) |
Fortinet Fortigate Firewall
|
Defense Information Systems Agency
|
07/25/2023 |
Standalone XCCDF 1.1.4 - Fortinet FortiGate Firewall STIG
|
| BlackBerry Enterprise Mobility Server (BEMS) 3.x STIG (Ver 1, Rel 2) |
BlackBerry Enterprise Mobility Server (BEMS)
|
Defense Information Systems Agency
|
07/25/2023 |
Standalone XCCDF 1.1.4 - BlackBerry Enterprise Mobility Server (BEMS) 3.x STIG - Ver 1, Rel 2
|
| IBM DB2 V10-5 LUW STIG (Ver 2, Rel 1) |
IBM DB2 V10-5 for Linux, Unix, and Windows (LUW)
|
Defense Information Systems Agency
|
07/25/2023 |
Standalone XCCDF 1.1.4 - IBM DB2 V10.5 STIG - Ver 2, Rel 1
|
| VMware vSphere 6.7 STIG (Y23M07) |
VMware vSphere 6.7
|
Defense Information Systems Agency
|
07/25/2023 |
Standalone XCCDF 1.1.4 - Sunset - VMware vSphere 6.7 STIG
|
| VMware vSphere 6.5 STIG (Y23M07) |
VMware vSphere 6.5
|
Defense Information Systems Agency
|
07/25/2023 |
Machine-Readable Format - VMware vSphere 6.5 STIG for Ansible - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - Sunset - VMware vSphere 6.5 STIG
|
| Samsung Android OS 10 with Knox 3.x STIG (Ver 2, Rel 1) |
Samsung Android OS 10.0
|
Defense Information Systems Agency
|
07/25/2023 |
Standalone XCCDF 1.1.4 - Sunset - Samsung Android OS 10 with Knox 3.x STIG - Ver 2, Rel 1
|
| Esri ArcGIS Server 10.3 STIG (Ver 2, Rel 1) |
Esri ArcGIS Server
|
Defense Information Systems Agency
|
07/25/2023 |
Standalone XCCDF 1.1.4 - Sunset - Esri ArcGIS for Server 10.3 STIG - Ver 2, Rel 1
|
| Google Android 11 STIG (Y23M01) |
Google Android 11.0
|
Defense Information Systems Agency
|
04/28/2023 |
Standalone XCCDF 1.1.4 - Sunset - Google Android 11 STIG
|
* This checklist is still undergoing review for
inclusion into the NCP.
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
