U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 838 matching records. Displaying matches 741 through 760.

Name (Version) Target Authority Last Modified Resources
CIS Microsoft Outlook 2013 Benchmark (1.1.0) Microsoft Outlook 2013
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS Microsoft Outlook 2013 Benchmark v1.1.0
CIS Microsoft Outlook 2016 Benchmark (1.1.0) Microsoft Outlook 2016
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS Microsoft Outlook 2016 Benchmark v1.1.0
CIS Microsoft Access 2013 Benchmark (1.0.1) Access 2013
 Center for Internet Security (CIS)
 08/13/2019 Prose - CIS MICROSOFT ACCESS 2013 BENCHMARK V1.0.1
CIS Palo Alto Firewall 7 Benchmark (1.0.0) Palo Alto Networks Network Device Management (NDM)
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Palo Alto Firewall 7 Benchmark v1.0.0
CIS MongoDB Benchmark (1.0.0) MongoDB 3.2
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS MongoDB Benchmark v1.0.0
CIS Microsoft Exchange Server 2016 Benchmark (1.0.0) Microsoft Exchange Server 2016
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Microsoft Exchange Server 2016 Benchmark v1.0.0
CIS Mozilla Firefox 38 ESR Benchmark (1.0.0) Firefox 38 ESR
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Mozilla Firefox 38 ESR Benchmark 1.0.0
CIS Google Chrome 46 Benchmark (1.0.0) Google Chrome 46
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Google Chrome 46 Benchmark v.1.0.0
CIS Palo Alto Firewall 6 Benchmark (1.0.0) Palo Alto Networks Network Device Management (NDM)
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Palo Alto Firewall 6 Benchmark v1.0.0
CIS Docker 1.11.0 Benchmark (1.0.0) Docker 1.11.0
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Docker 1.11.0 Benchmark v1.0.0
CIS SUSE Linux Enterprise Server 11 Benchmark (1.0.0) SuSE Linux Enterprise Server 11
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS SUSE Linux Enterprise Server 11 Benchmark v1.0.0
CIS Mozilla Firefox 24 ESR Benchmark (1.0.0) Mozilla Firefox ESR 24.0
Mozilla Firefox ESR 24.1
Mozilla Firefox ESR 24.2
Mozilla Firefox ESR 24.3
Mozilla Firefox ESR 24.4
Mozilla Firefox ESR 24.5
Mozilla Firefox ESR 24.6
Mozilla Firefox ESR 24.7
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Mozilla Firefox 24 ESR Benchmark v1.0.0
SEL-2740S STIG (Ver 1 Rel 1) SEL Inc SEL-2740S
 Defense Information Systems Agency
 07/15/2019 Standalone XCCDF 1.1.4 - SEL-2740S STIG Ver 1 Rel 1
IBM WebSphere Traditional V9.x STIG (1.0) IBM WebSphere Application Server traditional V9
 Defense Information Systems Agency
 07/12/2019 Standalone XCCDF 1.1.4 - IBM WebSphere Traditional V9.x STIG Version 1
MobileIron Core v10.x MDM STIG (Ver 1 Rel 1) MobileIron Core 10.0
 Defense Information Systems Agency
 07/10/2019 Standalone XCCDF 1.1.4 - MobileIron Core v10.x MDM STIG Ver 1 Rel 1
.NET Framework Security Checklist (Version 1, Release 3) Microsoft .NET Framework 1.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.5
 Defense Information Systems Agency
 06/07/2019 Prose - Microsoft .Net Framework Security Checklist - Ver 1, Rel 3
IBM DataPower STIG (Ver 1, Rel 2) IBM DataPower
 Defense Information Systems Agency
 06/06/2019 Standalone XCCDF 1.1.4 - IBM DataPower STIG ALG STIG Ver 1
Standalone XCCDF 1.1.4 - IBM DataPower NDM STIG - Ver 1, Rel 2
Akamai KSD Service IL2 STIG (Version 1) Akamai Kona Site Defender Service Impact Level 2
 Defense Information Systems Agency
 06/05/2019 Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 ALG STIG Version 1
Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 NDM STIG Version 1
Google Chrome v23 Windows STIG (Version 1, Release 2) Google Chrome 23.0.1271.0
 Defense Information Systems Agency
 04/15/2019 Machine-Readable Format - Google Chrome v23 Windows Benchmark - Version 1, Release 2
Standalone XCCDF 1.1.4 - Google Chrome v23 Windows STIG Version 1, Release 2
Domain Name System (DNS) STIG (Version 4, Release 1.18) Cisco Content Services Switch 11000
ISC Bind 9.3.1
ISC Bind 9.3.2
Microsoft Windows 2000
Microsoft Windows Server 2000
Microsoft Windows Server 2003
Microsoft Windows XP
 Defense Information Systems Agency
 04/15/2019 Standalone XCCDF 1.1.4 - Domain Name System (DNS) STIG, Version 4, Release 1.18
* This checklist is still undergoing review for inclusion into the NCP.