U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 822 matching records. Displaying matches 757 through 776.

Name (Version) Target Authority Last Modified Resources
Network Firewall (Version 8, Release 25) Cisco PIX ASA
Foundry Networks BigIron Router
Juniper Router M10
Juniper Router M16
Juniper Router M20
Juniper Router M40
Juniper Router M5
 Defense Information Systems Agency
 04/15/2019 Standalone XCCDF 1.1.4 - Network Firewall STIG - Ver 8, Rel 25
Desktop Application Antispyware General (Version 4, Release 1) McAfee Antispyware Enterprise Module 8.5
Symantec AntiVirus 10.1 Corporate Edition for Windows Vista
Symantec AntiVirus 10.2 Corporate Edition for Windows Vista
 Defense Information Systems Agency
 04/15/2019 Prose - Desktop Application Antispyware General - Version 4, Release 1.
Google Chrome v24 Windows STIG (Version 1, Release 1) Google Chrome 24.0.1272.0
 Defense Information Systems Agency
 04/15/2019 Machine-Readable Format - Google Chrome v23 Windows Benchmark - Version 1, Release 2
Standalone XCCDF 1.1.4 - Google Chrome v24 Windows STIG Version 1, Release 1
Microsoft Office 2007 STIG (Version 4, Release 1) Microsoft Access 2007
Microsoft Excel 2007
Microsoft Infopath 2007
Microsoft Office 2007
Microsoft Outlook 2007
Microsoft PowerPoint 2007
Microsoft Visio 2007
Microsoft Word 2007
 Defense Information Systems Agency
 04/15/2019 SCAP 1.0 Content - Microsoft Access 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Excel 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Infopath 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Office System 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Outlook 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft PowerPoint 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Visio 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Word 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
Windows Server 2003 STIG (Version 6 Release 1.33) Microsoft Internet Explorer
Microsoft Windows Media Player
Microsoft Windows Messenger
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 Service Pack 3
NetMeeting
 Defense Information Systems Agency
 04/15/2019 Standalone XCCDF 1.1.4 - Windows 2003 STIG - Version 6, Release 1.33
OpenVMS Security Checklist (Version 2 Release 2.3) HP OpenVMS Alpha 6.1
HP OpenVMS Alpha 6.2
HP OpenVMS Alpha 7.0
HP OpenVMS Alpha 7.1
HP OpenVMS Alpha 7.2
HP OpenVMS Alpha 7.3
HP OpenVMS VAX 5.3
HP OpenVMS VAX 5.4
HP OpenVMS VAX 5.5
HP OpenVMS VAX 6.0
HP OpenVMS VAX 6.1
HP OpenVMS VAX 6.2
HP OpenVMS VAX 7.0
HP OpenVMS VAX 7.1
HP OpenVMS VAX 7.2
HP OpenVMS VAX 7.3
 Defense Information Systems Agency
 04/15/2019 Prose - OpenVMS SECURITY CHECKLIST
Windows 2000 Security Checklist (Version 6, Release 1.19) Microsoft Windows 2000
 Defense Information Systems Agency
 04/15/2019 SCAP 1.0 Content - Windows 2000 Security Checklist
Unisys STIG Checklist (Version 7 Release 2) Unisys 2200 6.1
Unisys 2200 8.1
 Defense Information Systems Agency
 04/15/2019 Prose - Unisys Checklist - Version 7, Release 2.
Prose - Unisys STIG - Version 7, Release 2
SharePoint 2010 (2010) Microsoft SharePoint Server 2010
 National Security Agency
 12/12/2018 Standalone XCCDF 1.1.4 - SharePoint 2010 Secure Configuration Benchmark
DoD Consensus Security Configuration Checklist for Red Hat Enterprise Linux 5 (2.0) Red Hat Enterprise Linux 5
 Department of Defense
 10/30/2018 SCAP 1.0 Content - RHEL 5 SCAP
Puppet Module - RHEL 5 Puppet Module
Prose - D0D RHEL5 security recommendations
IBM Tivoli Identity Manager Security Guide (4.6) IBM Tivoli Identity Manager 4.6
 National Security Agency
 10/30/2018 SCAP 1.1 Content - IBM Tivoli Identity Manager 4.6 Security Guide
Oracle Weblogic Server (11G) Oracle Weblogic Server
 National Security Agency
 10/30/2018 SCAP 1.1 Content - Oracle Weblogic Server
SharePoint Server 2007 Security Guide (1.0) Microsoft Office SharePoint Server 2007
 National Security Agency
 10/30/2018 SCAP 1.1 Content - SharePoint Server 2007 Security Guide
Adobe Acrobat Reader X Secure Configuration Benchmark (10.1.1) Adobe Acrobat Reader
 National Security Agency
 10/30/2018 SCAP 1.1 Content - Adobe Reader X 10.1.1
Guide to Securing Internet Explorer 5.5 using Group Policy (v1.0) Microsoft Internet Explorer 5.5
 National Security Agency
 10/24/2018 Prose - Guide to Securing Internet Explorer 5.5 using Group Policy
Guide to Securing Netscape v7.02 (v1.1) Netscape Navigator 7.02
 National Security Agency
 10/24/2018 Prose - Guide to Securing Netscape v7.02
Cisco IOS Switch Security Configuration Guide (v1.0) Cisco Catalyst OS
Cisco IOS
 National Security Agency
 10/24/2018 Prose - Cisco IOS Switch Security Configuration Guide
Guide to Sun Microsystems Java Plug-in Security (v1.0) Sun Java Plug-in 1.4.2
 National Security Agency
 10/24/2018 Prose - Guide to Sun Microsystems Java Plug-in Security
Guide to Securing Microsoft Windows 2000 Schema (v1.0) Microsoft Windows Server 2000
 National Security Agency
 10/24/2018 Prose - Guide to Securing Microsoft Windows 2000 Schema
Router Security Configuration Guide (v1.1c) Cisco IOS 11.3
Cisco IOS 12.0
Cisco IOS 12.1
Cisco IOS 12.2
Cisco IOS 12.3
 National Security Agency
 10/24/2018 Prose - Prose guidance for Router Security Configuration Guide.
* This checklist is still undergoing review for inclusion into the NCP.