Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 878
matching records. Displaying matches 21 through 40.
| Name (Version) |
Target |
Authority |
Last Modified |
Resources |
| Microsoft Security Compliance Manager - Windows XP SP3 (1.0) |
Microsoft Windows XP Service Pack 3
|
Microsoft Corporation
|
09/24/2018 |
SCAP 1.0 Content - Microsoft Windows XP SP3 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows XP SP3 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
|
| Microsoft Security Compliance Manager Internet Explorer 10 (1.0) |
Microsoft Internet Explorer 10
|
Microsoft Corporation
|
09/23/2022 |
SCAP 1.0 Content - Microsoft IE10 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
|
| Microsoft Security Compliance Manager Internet Explorer 9 (1.0) |
Microsoft Internet Explorer 9
|
Microsoft Corporation
|
09/23/2022 |
SCAP 1.0 Content - Microsoft Internet Explorer 9 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
|
| Windows 2000 Security Checklist (Version 6, Release 1.19) |
Microsoft Windows 2000
|
Defense Information Systems Agency
|
04/15/2019 |
SCAP 1.0 Content - Windows 2000 Security Checklist
|
| Windows XP STIG (Version 6, Release 1.34) |
Microsoft Windows XP
|
Defense Information Systems Agency
|
04/15/2019 |
SCAP 1.0 Content - Windows XP STIG Benchmark Version 6, Release 1.34
Standalone XCCDF 1.1.4 - Windows XP STIG - Version 6, Release 1.32
|
| Adobe Acrobat Reader X Secure Configuration Benchmark (10.1.1) |
Adobe Acrobat Reader
|
National Security Agency
|
10/30/2018 |
SCAP 1.1 Content - Adobe Reader X 10.1.1
|
| AIX 5.3 STIG (Version 1, Release 2) |
IBM AIX 5.3
|
Defense Information Systems Agency
|
09/11/2019 |
SCAP 1.1 Content - Sunset - AIX 5.3 STIG Benchmark - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - Sunset - AIX 5.3 Manual STIG - Ver 1, Rel 3
|
| AIX 6.1 STIG (Version 1, Release 14) |
IBM AIX 6.1
|
Defense Information Systems Agency
|
11/07/2019 |
SCAP 1.1 Content - Sunset - AIX 6.1 STIG-Benchmark - Ver 1, Rel 9
Standalone XCCDF 1.1.4 - Sunset - AIX 6.1 STIG - Ver 1, Rel 14
|
| IBM Tivoli Identity Manager Security Guide (4.6) |
IBM Tivoli Identity Manager 4.6
|
National Security Agency
|
10/30/2018 |
SCAP 1.1 Content - IBM Tivoli Identity Manager 4.6 Security Guide
|
| JBoss Enterprise Application Platform (EAP) (5.x) |
Red Hat JBoss Enterprise Application Platform 5.0.0
Red Hat JBoss Enterprise Application Platform 5.0.1
Red Hat JBoss Enterprise Application Platform 5.1.0
Red Hat JBoss Enterprise Application Platform 5.1.1
Red Hat JBoss Enterprise Application Platform 5.1.2
|
Red Hat
|
10/23/2017 |
SCAP 1.1 Content - JBoss Enterprise Application Platform (EAP)
|
| Microsoft Windows Vista STIG (Version 6 Release 42) |
Microsoft Internet Explorer
Microsoft Windows Vista
|
Defense Information Systems Agency
|
09/11/2019 |
SCAP 1.1 Content - Sunset - Microsoft Windows Vista STIG Benchmark - Ver 6, Rel 44
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows Vista STIG - Ver 6, Rel 42
|
| Oracle Weblogic Server (11G) |
Oracle Weblogic Server
|
National Security Agency
|
10/30/2018 |
SCAP 1.1 Content - Oracle Weblogic Server
|
| Red Hat 5 STIG (Version 1, Release 18) |
Red Hat Enterprise Linux 5
|
Defense Information Systems Agency
|
09/11/2019 |
SCAP 1.1 Content - Sunset - Red Hat 5 STIG Benchmark - Ver 1, Rel 19
Standalone XCCDF 1.1.4 - Sunset - Red Hat 5 Manual STIG - Ver 1, Rel 18
|
| SharePoint Server 2007 Security Guide (1.0) |
Microsoft Office SharePoint Server 2007
|
National Security Agency
|
10/30/2018 |
SCAP 1.1 Content - SharePoint Server 2007 Security Guide
|
| Solaris 9 (Ver 1, Rel 12) |
Sun Solaris 9
Sun Solaris 9 SPARC
|
Defense Information Systems Agency
|
09/12/2019 |
SCAP 1.1 Content - Sunset - Solaris 9 SPARC STIG Benchmark - Ver 1, Rel 12
Standalone XCCDF 1.1.4 - Sunset - Solaris 9 SPARC Manual STIG - Ver 1, Rel 9
Standalone XCCDF 1.1.4 - Sunset - Solaris 9 x86 Manual STIG - Ver 1, Rel 9
|
| Suspicious file names and file locations (v0.3) |
Microsoft Windows XP
|
CyberESI
|
06/12/2025 |
SCAP 1.1 Content - Suspicious file names and file locations
|
| USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop (1.2.5.0) |
Red Hat Enterprise Linux 5
|
USGCB/TIS
|
03/30/2018 |
SCAP 1.1 Content - USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop
Puppet Module - RHEL 5 Puppet Module
Reference Link - Kickstart file
Prose - USGCB-RHEL5-Desktop-Issues-Version-1.0.5.0
Prose - USGCB-RHEL5-Desktop-Settings-Version-1.0.5.0
|
| Windows 2003 DC STIG Benchmark (Version 6, Release 40) |
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 Service Pack 3
|
Defense Information Systems Agency
|
09/11/2019 |
SCAP 1.1 Content - Sunset - Microsoft Windows 2003 DC STIG Benchmark - Ver 6, Rel 40
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2003 DC STIG - Ver 6, Rel 37
|
| Windows 2003 MS STIG Benchmark (Version 6, Release 40) |
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 Service Pack 3
|
Defense Information Systems Agency
|
09/11/2019 |
SCAP 1.1 Content - Sunset - Microsoft Windows 2003 MS STIG Benchmark - Ver 6, Rel 40
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2003 MS STIG - Ver 6, Rel 37
|
| Adobe Acrobat Reader DC Classic Track (Version 2, Release 1) |
Adobe Acrobat Reader
|
Defense Information Systems Agency
|
06/02/2022 |
SCAP 1.2 Content - Sunset - Adobe Acrobat Reader DC Classic Track STIG Benchmark - Ver 2, Rel 1
Automated Content - SCC 5.4.2 Windows
Standalone XCCDF 1.1.4 - Sunset - Adobe Acrobat Reader DC Classic Track STIG - Ver 2, Rel 1
|
* This checklist is still undergoing review for
inclusion into the NCP.
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
