Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Please note that the current search fields have been adjusted to
reflect NIST SP 800-70 Revision 4.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 558
matching records. Displaying matches 61 through 80.
| Name (Version) |
Target |
Authority |
Last Modified |
Resources |
| Microsoft Exchange Server 2016 STIG (Version 2, Release 1) |
Microsoft Exchange Server 2016
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Microsoft Exchange 2016 STIG
|
| BIND 9.x STIG (Ver 2, Rel 2) |
BIND 9.x
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - BIND 9.x STIG - Ver 2, Rel 2
|
| Apache Server 2.4 UNIX STIG (Y21M01) |
Apache HTTP Server 2.4.0
|
Defense Information Systems Agency
|
07/29/2021 |
Standalone XCCDF 1.1.4 - Apache Server 2.4 UNIX STIG
|
| Adobe ColdFusion (Version 2, Release 1) |
Adobe ColdFusion
|
Defense Information Systems Agency
|
07/28/2021 |
Standalone XCCDF 1.1.4 - Sunset - Adobe ColdFusion 11 STIG - Ver 2, Rel 1
|
| VMWare vRealize Automation 7.x STIG (Y21M07) |
VMWare vRealize Automation 7.x
|
Defense Information Systems Agency
|
07/28/2021 |
Standalone XCCDF 1.1.4 - VMware vRealize Automation 7.x STIG
|
| Suse Linux Enterprise Server (SLES) 15 STIG (Version 1, Release 3) |
SUSE Enterprise Linux 15
|
Defense Information Systems Agency
|
07/28/2021 |
Standalone XCCDF 1.1.4 - SUSE Linux Enterprise Server (SLES) 15 STIG - Ver 1, Rel 3
|
| VMware vSphere 6.5 STIG (Y21M07) |
VMware vSphere 6.5
|
Defense Information Systems Agency
|
07/28/2021 |
Machine-Readable Format - VMware vSphere 6.5 STIG for Ansible - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - VMware vSphere 6.5 STIG
|
| Red Hat 8 STIG (Ver 1, Rel 3) |
Red Hat Enterprise Linux 8.0
|
Defense Information Systems Agency
|
07/28/2021 |
SCAP 1.2 Content - RHEL 8 STIG Benchmark - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 8 STIG - Ver 1, Rel 3
Standalone XCCDF 1.1.4 - Red Hat Enterprise Linux 8 STIG for Ansible - Ver 1, Rel 3
|
| Oracle Linux 6 STIG (Version 2, Release 4) |
Oracle Linux 6
|
Defense Information Systems Agency
|
07/28/2021 |
Standalone XCCDF 1.1.4 - Oracle Linux 6 STIG - Ver 2, Rel 4
|
| VMware vRealize Operations 6.x STIG (Y21M07) |
VMWare vRealize Operations Manager 6.x
|
Defense Information Systems Agency
|
07/28/2021 |
Standalone XCCDF 1.1.4 - VMware vRealize Ops 6.x STIG
Standalone XCCDF 1.1.4 - VMWare vRealize Operations Manager Cassandra STIG - Ver 1, Rel 1
|
| IBM zVM Using CA VMSecure STIG (Ver 2, Rel 1) |
IBM zVM Using CA VMSecure
|
Defense Information Systems Agency
|
07/28/2021 |
Standalone XCCDF 1.1.4 - IBM zVM using CA VMSecure STIG - Ver 2, Rel 1
|
| Catalina Guidance (Revision 4) |
Apple OS X 10.15
|
NIST, macOS Security Compliance Project
|
07/28/2021 |
SCAP 1.3 Content - Catalina Guidance
|
| Big Sur Guidance (Revision 3) |
Apple macOS 11.0 (Big Sur)
|
NIST, macOS Security Compliance Project
|
07/28/2021 |
SCAP 1.3 Content - Big Sur Guidance
|
| Zebra Android 10 STIG (Version 1, Release 1) |
Google Android 10.0
|
Defense Information Systems Agency
|
07/14/2021 |
Standalone XCCDF 1.1.4 - Zebra Android 10 STIG
|
| Oracle 11g Database STIG (Version 8 Release 20) |
Oracle Database 11g
Oracle Database 11g 11.1
Oracle Database 11g 11.2
|
Defense Information Systems Agency
|
07/02/2021 |
Prose - Oracle 11g Database STIG - Ver 8, Rel 20
|
| Samsung SDS EMM v1.5.x STIG (Version 1, Release 1) |
Samsung SDS EMM
|
Defense Information Systems Agency
|
06/25/2021 |
Standalone XCCDF 1.1.4 - Samsung SDS EMM v1.5.x STIG - Ver 1, Rel 1
|
| Samsung SDS EMM STIG (Ver 1, Rel 2) |
Samsung SDS EMM
|
Defense Information Systems Agency
|
06/25/2021 |
Standalone XCCDF 1.1.4 - Samsung SDS EMM STIG - Ver 1, Rel 2
|
| Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.48-8.2) |
IBM z/OS Version 2, Release 3
IBM z/OS Version 2, Release 4
|
Vanguard Integrity Professionals, Inc.
|
06/22/2021 |
ZIP - Vanguard z/OS RACF Checklist 6.48/8.2 PDF version
ZIP - Vanguard z/OS RACF Checklist 6.47/8.1 XML version
|
| Vanguard Compliance Manager z/OS RACF Checklist for completing a manual SRR Audit for Stig (6.49-8.3) |
IBM z/OS Version 2, Release 3
IBM z/OS Version 2, Release 4
|
Vanguard Integrity Professionals, Inc.
|
06/22/2021 |
ZIP - Vanguard z/OS RACF Checklist 6.49/8.3 PDF version
ZIP - Vanguard z/OS RACF Checklist 6.49/8.3 XML version
|
| VMware vSphere 6.7 STIG (Ver 1, Rel 1) |
VMware vSphere 6.7
|
Defense Information Systems Agency
|
06/14/2021 |
Standalone XCCDF 1.1.4 - VMware vSphere 6.7 STIG
|
* This checklist is still undergoing review for
inclusion into the NCP.
