U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 838 matching records. Displaying matches 721 through 740.

Name (Version) Target Authority Last Modified Resources
Microsoft Office 2007 Overview (Version 4, Release 14) Microsoft Access 2007
Microsoft Excel 2007
Microsoft Infopath 2007
Microsoft Office 2007
Microsoft Outlook 2007
Microsoft PowerPoint 2007
Microsoft Visio 2007
Microsoft Word 2007
 Defense Information Systems Agency
 09/11/2019 Prose - Sunset - Microsoft Office 2007 Overview - Ver 4, Rel 14
Excel 2007 STIG (Version 4, Release 13) Microsoft Excel 2007
 Defense Information Systems Agency
 09/11/2019 Standalone XCCDF 1.1.4 - Sunset - Microsoft Excel 2007 STIG - Ver 4, Rel 13
Apple iOS 11 STIG (Ver 1, Rel 4) Apple iOS 11
 Defense Information Systems Agency
 09/11/2019 Standalone XCCDF 1.1.4 - Sunset - Apple iOS 11 STIG - Ver 1, Rel 4
AirWatch MDM Software 6.5 STIG (Version 1, Release 3) AirWatch Mobile Device Management (MDM) Software 6.5
 Defense Information Systems Agency
 09/11/2019 Standalone XCCDF 1.1.4 - Sunset - AirWatch MDM STIG - Ver 1, Rel 3
Oracle 9 STIG (Version 8 Release 1.8) Oracle Database 9i
Oracle Database Server 9.2
 Defense Information Systems Agency
 09/11/2019 Prose - Sunset - Oracle 9 Database STIG - Ver 8, Rel 1.8
Apple OS X 10.11 (El Capitan) STIG (Version 1, Release 6) Apple OS X 10.11
 Defense Information Systems Agency
 09/11/2019 Standalone XCCDF 1.1.4 - Sunset - Apple OS X 10.11 Workstation STIG - Ver 1, Rel 6
AIX 5.3 STIG (Version 1, Release 2) IBM AIX 5.3
 Defense Information Systems Agency
 09/11/2019 SCAP 1.1 Content - Sunset - AIX 5.3 STIG Benchmark - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - Sunset - AIX 5.3 Manual STIG - Ver 1, Rel 3
Windows 2003 MS STIG Benchmark (Version 6, Release 40) Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 Service Pack 3
 Defense Information Systems Agency
 09/11/2019 SCAP 1.1 Content - Sunset - Microsoft Windows 2003 MS STIG Benchmark - Ver 6, Rel 40
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2003 MS STIG - Ver 6, Rel 37
CIS Oracle Database 11g R2 (2.2.0) Oracle Database 11g 11.2
 Center for Internet Security (CIS)
 08/15/2019 Prose - CIS Oracle Database 11g R2 Benchmark v2.2.0
CIS Microsoft IIS 7 Benchmark (1.8.0) Microsoft Windows Internet Information Server (IIS) 7.0
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS Microsoft IIS 7 Benchmark v1.8.0
CIS Microsoft Office 2013 Benchmark (1.1.0) Microsoft Office 2013
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS MICROSOFT OFFICE 2013 BENCHMARK V1.1.0
CIS Microsoft Word 2013 Benchmark (v1.1.0) Microsoft Word 2013
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS Microsoft Word 2013 Benchmark v1.1.0
CIS IBM DB2 9 Benchmark (3.0.1) IBM DB2 9
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS IBM DB2 9 Benchmark v3.0.1
CIS Microsoft PowerPoint 2013 Benchmark (1.0.1) Microsoft Power Point 2013
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS MICROSOFT POWERPOINT 2013 BENCHMARK v1.0.1
CIS IBM DB2 10 Benchmark (1.1.0) IBM DB2 10
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS IBM DB2 10 Benchmark v1.1.0
CIS Microsoft Excel 2016 Benchmark (1.0.1) Microsoft Excel 2016
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS MICROSOFT EXCEL 2016 BENCHMARK V1.0.1
CIS Microsoft Office 2016 Benchmark (1.1.0) Microsoft Office 2016
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS MICROSOFT OFFICE 2016 BENCHMARK V1.1.0
CIS Microsoft Access 2016 Benchmark (1.0.1) Micorosft Access 2016
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS MICROSOFT ACCESS 2016 BENCHMARK V1.0.1
CIS Apache Tomcat 7 Benchmark (1.1.0) Apache Tomcat
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS Apache Tomcat 7 Benchmark v1.1.0
CIS Microsoft PowerPoint 2016 Benchmark (1.0.1) Microsoft PowerPoint 2016
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS MICROSOFT POWERPOINT 2016 BENCHMARK V1.0.1
* This checklist is still undergoing review for inclusion into the NCP.