U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 807 matching records. Displaying matches 785 through 804.

Name (Version) Target Authority Last Modified Resources
USGCB Windows 7 Firewall (1.3.x.1) Microsoft Windows 7
Microsoft Windows 7 32-bit (X86)
Microsoft Windows 7 64-bit (X64)
USGCB/TIS
03/30/2018 SCAP 1.2 Content - Windows 7 Firewall Oval 5.10
GPOs - USGCB Windows 7 Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
USGCB Windows XP (3.0.x.1) Microsoft Windows XP Pro SP2
Microsoft Windows XP Service Pack 3
USGCB/TIS
03/30/2018 SCAP 1.2 Content - USGCB Windows XP using OVAL version 5.10
GPOs - USGCB Windows Vista Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
USGCB Windows XP Firewall (2.1.x.1) Microsoft Windows XP Pro Service Pack 2
Microsoft Windows XP Pro Service Pack 3
USGCB/TIS
03/30/2018 SCAP 1.2 Content - USGCB Windows XP Firewall SCAP content using OVAL version 5.10
GPOs - USGCB Windows XP Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
USGCB Windows Vista (3.0.x.1) Microsoft Windows Vista
USGCB/TIS
03/30/2018 SCAP 1.2 Content - USGCB Windows Vista using OVAL version 5.10
GPOs - USGCB Windows Vista GPOs
Prose - This is the human readable version of the USGCB settings.
USGCB Windows Vista Firewall (2.1.x.1) Microsoft Windows Vista
USGCB/TIS
03/30/2018 SCAP 1.2 Content - USGCB Windows Vista Firewall using OVAL version 5.10
GPOs - USGCB Windows Vista Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop (1.2.5.0) Red Hat Enterprise Linux 5
USGCB/TIS
03/30/2018 SCAP 1.1 Content - USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop
Puppet Module - RHEL 5 Puppet Module
Reference Link - Kickstart file
Prose - USGCB-RHEL5-Desktop-Issues-Version-1.0.5.0
Prose - USGCB-RHEL5-Desktop-Settings-Version-1.0.5.0
USGCB Internet Explorer 7 (2.1.x.1) Microsoft Internet Explorer 7
USGCB/TIS
03/30/2018 SCAP 1.2 Content - USGCB Internet Explorer 7 SCAP Content using OVAL version 5.10
GPOs - USGCB IE7 GPOs
Prose - This is the human readable version of the USGCB settings.
Remote XenApp ICA Thin Client STIG (Version 2, Release 7) Citrix XenApp
Defense Information Systems Agency
03/05/2018 Standalone XCCDF 1.1.4 - Remote XenApp ICA Thin Client STIG - Version 2, Release 7
FBI CJIS Compliance Profile for Red Hat Enterprise Linux 7 (RHEL7) (v0.1.31) Red Hat Enterprise Linux 7.0
Red Hat Enterprise Linux 7.1
Red Hat Enterprise Linux 7.2
Red Hat Enterprise Linux 7.3
Red Hat
12/04/2017 Machine-Readable Format - SCAP Datastream
JBoss Enterprise Application Platform (EAP) (5.x) Red Hat JBoss Enterprise Application Platform 5.0.0
Red Hat JBoss Enterprise Application Platform 5.0.1
Red Hat JBoss Enterprise Application Platform 5.1.0
Red Hat JBoss Enterprise Application Platform 5.1.1
Red Hat JBoss Enterprise Application Platform 5.1.2
Red Hat
10/23/2017 SCAP 1.1 Content - JBoss Enterprise Application Platform (EAP)
KM-8030 MFP Security Checklist (Version 1) Kyocera KM-8030 MFP
Kyocera Mita America INC
09/20/2017 Prose - KM-8030 MFP Security Checklist
Kyocera KM-6030 Security Checklist (1.1) Kyocera KM-6030
Kyocera Mita America INC
09/20/2017 Prose - Kyocera KM-6030 Security Checklist
Vanguard DB2 z/OS RACF Checklist (6.1) IBM DB2 8.1
IBM OS390
IBM RACF
IBM Z/OS Version 1, Release 9
IBM z/OS Version 1 Release 10
IBM z/OS Version 1 Release 11
IBM z/OS Version 1 Release 12
IBM z/OS Version 2, Release 1
IBM z/OS Version 2.1
Vanguard Integrity Professionals, Inc.
09/08/2017 Machine-Readable Format - Vanguards DB2 Checkslist for RACF on z/OS
Samsung Knox Android 1.0 STIG (Version 2 Release 2) Samsung Knox Android 1.0
Defense Information Systems Agency
08/16/2017 Standalone XCCDF 1.1.4 - Samsung Knox Android 1.0 STIG Version 2 Release 2
Macintosh Operating System X 10.5 (Version 1, Release 2) Apple Mac OS X 10.5
Defense Information Systems Agency
08/15/2017 Standalone XCCDF 1.1.4 - Mac OS X 10.5 STIG, Version 1, Release 2
BlackBerry PlayBook OS v2.1 STIG (Version 1, Release 2) Research in Motion BlackBerry PlayBook OS 2.1
Defense Information Systems Agency
08/15/2017 Standalone XCCDF 1.1.4 - BlackBerry PlayBook OS v2.1 STIG Version 1, Release 2
Java Runtime Environment (JRE) 7 (Version 1, Release 5) Oracle Java Runtime Environment (JRE) 1.7.0
Defense Information Systems Agency
08/15/2017 Standalone XCCDF 1.1.4 - Java Runtime Environment (JRE) 7 - Version 1, Release 5
Java Runtime Environment (JRE) 6 (Version 1, Release 5) Sun JRE 1.6.0
Defense Information Systems Agency
08/15/2017 Standalone XCCDF 1.1.4 - Java Runtime Environment (JRE) 6, Version 1, Release 5
NIST SP 800-68 (R1.2.0) Microsoft Windows XP
NIST National Vulnerability Database
06/01/2017 Prose - NIST Prose Guidance for Windows XP.
Prose - This FDCC resource has been deprecated by USGCB content.
APT-Suspicious file names and file locations (v0.4) Microsoft Windows 7
Microsoft Windows XP
CyberESI
05/06/2017 SCAP 1.2 Content - APT - Suspicious file names and file locations
* This checklist is still undergoing review for inclusion into the NCP.