Checklist Repository
The National Checklist Program (NCP), defined by the NIST
SP 800-70, is the U.S. government repository of publicly available
security checklists (or benchmarks) that provide detailed low level
guidance on setting the security configuration of operating systems
and applications.
NCP provides metadata and links to checklists of various formats
including checklists that conform to the Security
Content Automation Protocol (SCAP). SCAP enables validated
security products to automatically perform configuration checking
using NCP checklists. For more information relating to the NCP please
visit the information page or
the glossary of terms.
Search for Checklists using the fields below. The keyword
search will search across the name, and summary.
There are 878
matching records. Displaying matches 61 through 80.
| Name (Version) |
Target |
Authority |
Last Modified |
Resources |
| USGCB Windows 7 Firewall (1.3.x.1) |
Microsoft Windows 7
Microsoft Windows 7 32-bit (X86)
Microsoft Windows 7 64-bit (X64)
|
USGCB/TIS
|
03/30/2018 |
SCAP 1.2 Content - Windows 7 Firewall Oval 5.10
GPOs - USGCB Windows 7 Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
|
| USGCB Windows Vista (3.0.x.1) |
Microsoft Windows Vista
|
USGCB/TIS
|
03/30/2018 |
SCAP 1.2 Content - USGCB Windows Vista using OVAL version 5.10
GPOs - USGCB Windows Vista GPOs
Prose - This is the human readable version of the USGCB settings.
|
| USGCB Windows Vista Firewall (2.1.x.1) |
Microsoft Windows Vista
|
USGCB/TIS
|
03/30/2018 |
SCAP 1.2 Content - USGCB Windows Vista Firewall using OVAL version 5.10
GPOs - USGCB Windows Vista Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
|
| USGCB Windows XP (3.0.x.1) |
Microsoft Windows XP Pro SP2
Microsoft Windows XP Service Pack 3
|
USGCB/TIS
|
03/30/2018 |
SCAP 1.2 Content - USGCB Windows XP using OVAL version 5.10
GPOs - USGCB Windows Vista Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
|
| USGCB Windows XP Firewall (2.1.x.1) |
Microsoft Windows XP Pro Service Pack 2
Microsoft Windows XP Pro Service Pack 3
|
USGCB/TIS
|
03/30/2018 |
SCAP 1.2 Content - USGCB Windows XP Firewall SCAP content using OVAL version 5.10
GPOs - USGCB Windows XP Firewall GPOs
Prose - This is the human readable version of the USGCB settings.
|
| Windows 2008 STIG (Version 6, Release 46) |
Microsoft Internet Explorer
Microsoft Windows Defender
Microsoft Windows Mail
Microsoft Windows Media Player
Microsoft Windows Server 2008
|
Defense Information Systems Agency
|
07/07/2020 |
SCAP 1.2 Content - Sunset - Microsoft Windows 2008 DC STIG Benchmark - Ver 6, Rel 45
SCAP 1.2 Content - Sunset - Microsoft Windows 2008 MS STIG Benchmark - Ver 6, Rel 45
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2008 DC STIG - Ver 6, Rel 47
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2008 MS STIG - Ver 6, Rel 46
|
| Windows 8/8.1 STIG (Version 1, Release 23) |
Microsoft Windows 8 x64 (64-bit)
Microsoft Windows 8 x86 (32-bit)
Microsoft Windows 8.1 (x64)
Microsoft Windows 8.1 (x86)
|
Defense Information Systems Agency
|
06/10/2022 |
SCAP 1.2 Content - Sunset - Microsoft Windows 8/8.1 STIG Benchmark - Ver 1, Rel 22
GPOs - Group Policy Objects (GPOs) - May 2022
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 8/8.1 STIG - Ver 1, Rel 23
|
| Adobe Acrobat Professional DC Continuous Track STIG (Ver 2, Rel 1) |
Adobe Acrobat Pro DC Continuous Track
|
Defense Information Systems Agency
|
02/09/2026 |
SCAP 1.3 Content - Adobe Acrobat Professional DC Continuous Track STI
GPOs - Group Policy Objects (GPOs) - January 2026
Intune Policies - Intune Policy - January 2026
Standalone XCCDF 1.1.4 - Adobe Acrobat Professional DC Continuous Track STI
|
| Adobe Acrobat Reader DC Continuous Track STIG (Ver 2, Rel 1) |
Adobe Acrobat Reader
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Adobe Acrobat Reader DC Continuous Track STIG Benchmark - Ver 2, Rel 4
Automated Content - SCC 5.14 Windows
GPOs - Group Policy Objects (GPOs) - January 2026
Intune Policies - Intune Policy - January 2026
Standalone XCCDF 1.1.4 - Adobe Acrobat Reader DC Continuous Track STIG - Ver 2, Rel 1
|
| Big Sur Guidance (Revision 7.0) |
Apple macOS 11.0 (Big Sur)
|
NIST, macOS Security Compliance Project
|
04/30/2024 |
SCAP 1.3 Content - Big Sur Guidance Revision 7.0
|
| Canonical Ubuntu 20.04 LTS STIG (Ver 2, Rel 5) |
Canonical Ubuntu 20.04 LTS
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Sunset - Canonical Ubuntu 20.04 LTS STIG SCAP Benchmark - Ver 2, Rel 5
Automated Content - SCC 5.14 Ubuntu 18/20 AMD64
Automated Content - SCC 5.14 Ubuntu 20/Raspios-bulleye Aarch64
Automated Content - SCC 5.14 Ubuntu 22/24 AMD64
Automated Content - SCC 5.14 Ubuntu 22/24 ARM64
Standalone XCCDF 1.1.4 - Canonical Ubuntu 20.04 LTS STIG for Ansible - Ver 1, Rel 11
Standalone XCCDF 1.1.4 - Sunset - Canonical Ubuntu 20.04 LTS STIG - Ver 2, Rel 4
|
| Canonical Ubuntu 22.04 LTS STIG (Ver 2, Rel 6) |
Canonical Ubuntu 22.04 LTS
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Canonical Ubuntu 22.04 LTS STIG SCAP Benchmark - Ver 2, Rel 5
Automated Content - SCC 5.14 Ubuntu 18/20 AMD64
Automated Content - SCC 5.14 Ubuntu 20/Raspios-bulleye Aarch64
Automated Content - SCC 5.14 Ubuntu 22/24 AMD64
Automated Content - SCC 5.14 Ubuntu 22/24 ARM64
Standalone XCCDF 1.1.4 - Canonical Ubuntu 22.04 LTS STIG - Ver 2, Rel 7
Standalone XCCDF 1.1.4 - Canonical Ubuntu 22.04 LTS STIG for Ansible - Ver 2, Rel 7
Standalone XCCDF 1.1.4 - Canonical Ubuntu 22.04 LTS STIG for Chef - Ver 2, Rel 7
|
| Canonical Ubuntu 24.04 LTS STIG (Ver 1, Rel 4) |
Canonical Ubuntu 24.04 LTS
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Canonical Ubuntu 24.04 LTS STIG SCAP Benchmark - Ver 1, Rel 3
Automated Content - SCC 5.14 Ubuntu 18/20 AMD64
Automated Content - SCC 5.14 Ubuntu 20/Raspios-bulleye Aarch64
Automated Content - SCC 5.14 Ubuntu 22/24 AMD64
Automated Content - SCC 5.14 Ubuntu 22/24 ARM64
Standalone XCCDF 1.1.4 - Canonical Ubuntu 24.04 LTS STIG - Ver 1, Rel 4
Standalone XCCDF 1.1.4 - Canonical Ubuntu 24.04 LTS STIG for Ansible - Ver 1, Rel 4
Standalone XCCDF 1.1.4 - Canonical Ubuntu 24.04 LTS STIG for Chef - Ver 1, Rel 4
|
| Catalina Guidance (Revision 6) |
Apple OS X 10.15
|
NIST, macOS Security Compliance Project
|
03/18/2022 |
SCAP 1.3 Content - Catalina Guidance
|
| Cisco IOS XE Router STIG (Y26M01) |
Cisco IOS XE
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Cisco IOS XE Router NDM STIG SCAP Benchmark - Ver 3, Rel 4
SCAP 1.3 Content - Cisco IOS XE Router RTR STIG SCAP Benchmark - Ver 3, Rel 4
Automated Content - SCC 5.14 Windows
Automated Content - SCC 5.14 MacOS ARM64
Automated Content - SCC 5.14 RHEL 7/Oracle Linux 7/SLES12/SLES 15 x86 64
Automated Content - SCC 5.14 RHEL 8/Oracle Linux 8 Aarch64
Automated Content - SCC 5.14 RHEL 8/Oracle Linux 8 x86 64
Automated Content - SCC 5.14 RHEL 9/Oracle Linux 9 Aarch64
Automated Content - SCC 5.14 RHEL 9/Oracle Linux 9 x86 64
Automated Content - SCC 5.14 Solaris 11 i386
Automated Content - SCC 5.14 Solaris 11 SPARC
Automated Content - SCC 5.14 Ubuntu 18/20 AMD64
Automated Content - SCC 5.14 Ubuntu 20/Raspios-bulleye Aarch64
Automated Content - SCC 5.14 Ubuntu 22/24 AMD64
Automated Content - SCC 5.14 Ubuntu 22/24 ARM64
Standalone XCCDF 1.1.4 - Cisco IOS XE Router STIG
Standalone XCCDF 1.1.4 - Cisco IOS XE Router NDM RTR STIG for Ansible - Ver 2, Rel 3
|
| Google Chrome Browser STIG for Windows (Version 2, Release 11) |
Google Chrome
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Google Chrome STIG Benchmark - Ver 2, Rel 11
Automated Content - SCC 5.14 Windows
GPOs - Group Policy Objects (GPOs) - January 2026
Intune Policies - Intune Policy - January 2026
Standalone XCCDF 1.1.4 - Google Chrome STIG - Ver 2, Rel 11
|
| Internet Explorer 11 STIG (Ver 2, Rel 8) |
Microsoft Internet Explorer 11
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Sunset-Microsoft Internet Explorer 11 STIG Benchmark - Ver 2, Rel 8
Automated Content - SCC 5.14 Windows
GPOs - Group Policy Objects (GPOs) - January 2026
Intune Policies - Intune Policy - January 2026
Standalone XCCDF 1.1.4 - Sunset- Microsoft Internet Explorer 11 STIG - Ver 2, Rel 6
|
| Microsoft .NET Framework 4 (Version 2, Release 7) |
Microsoft .NET Framework 4.0
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Microsoft DotNet Framework 4.0 STIG SCAP Benchmark - Ver 2, Rel 7
Automated Content - SCC 5.14 Windows
Standalone XCCDF 1.1.4 - Microsoft DotNet Framework 4.0 STIG - Ver 2, Rel 7
|
| Microsoft Edge STIG (Ver 2, Rel 4) |
Microsoft Edge
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Microsoft Edge STIG Benchmark - Ver 2, Rel 4
Automated Content - SCC 5.14 Windows
GPOs - Group Policy Objects (GPOs) - January 2026
Intune Policies - Intune Policy - January 2026
Standalone XCCDF 1.1.4 - Microsoft Edge STIG - Ver 2, Rel 4
|
| Microsoft Office 365 ProPlus STIG (Ver 3, Rel 7) |
Microsoft Office 365 ProPlus
|
Defense Information Systems Agency
|
02/13/2026 |
SCAP 1.3 Content - Microsoft Office 365 ProPlus STIG SCAP Benchmark - Ver 3, Rel 7
Automated Content - SCC 5.14 Windows
GPOs - Group Policy Objects (GPOs) - January 2026
Intune Policies - Intune Policy - January 2026
Standalone XCCDF 1.1.4 - Microsoft Office 365 ProPlus STIG - Ver 3, Rel 4
|
* This checklist is still undergoing review for
inclusion into the NCP.
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
