U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 787 matching records. Displaying matches 681 through 700.

Name (Version) Target Authority Last Modified Resources
CIS Microsoft Exchange Server 2016 Benchmark (1.0.0) Microsoft Exchange Server 2016
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Microsoft Exchange Server 2016 Benchmark v1.0.0
CIS Mozilla Firefox 38 ESR Benchmark (1.0.0) Firefox 38 ESR
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Mozilla Firefox 38 ESR Benchmark 1.0.0
CIS Apple iOS 9 Benchmark (1.0.0) Apple iPhone
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Apple iOS 9 Benchmark v1.0.0
CIS Google Chrome 46 Benchmark (1.0.0) Google Chrome 46
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Google Chrome 46 Benchmark v.1.0.0
CIS Palo Alto Firewall 6 Benchmark (1.0.0) Palo Alto Networks Network Device Management (NDM)
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Palo Alto Firewall 6 Benchmark v1.0.0
CIS Docker 1.11.0 Benchmark (1.0.0) Docker 1.11.0
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Docker 1.11.0 Benchmark v1.0.0
CIS Docker 1.13.0 Benchmark (1.0.0) Docker 1.13.0
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Docker 1.13.0 Benchmark v1.0.0
CIS Google Android 7 Benchmark (1.0.0) Google Android 7.x
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Google Android 7 Benchmark v1.0.0
CIS SUSE Linux Enterprise Server 11 Benchmark (1.0.0) SuSE Linux Enterprise Server 11
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS SUSE Linux Enterprise Server 11 Benchmark v1.0.0
CIS Mozilla Firefox 24 ESR Benchmark (1.0.0) Mozilla Firefox ESR 24.0
Mozilla Firefox ESR 24.1
Mozilla Firefox ESR 24.2
Mozilla Firefox ESR 24.3
Mozilla Firefox ESR 24.4
Mozilla Firefox ESR 24.5
Mozilla Firefox ESR 24.6
Mozilla Firefox ESR 24.7
 Center for Internet Security (CIS)
 07/26/2019 Prose - CIS Mozilla Firefox 24 ESR Benchmark v1.0.0
SEL-2740S STIG (Ver 1 Rel 1) SEL Inc SEL-2740S
 Defense Information Systems Agency
 07/15/2019 Standalone XCCDF 1.1.4 - SEL-2740S STIG Ver 1 Rel 1
IBM WebSphere Traditional V9.x STIG (1.0) IBM WebSphere Application Server traditional V9
 Defense Information Systems Agency
 07/12/2019 Standalone XCCDF 1.1.4 - IBM WebSphere Traditional V9.x STIG Version 1
MobileIron Core v10.x MDM STIG (Ver 1 Rel 1) MobileIron Core 10.0
 Defense Information Systems Agency
 07/10/2019 Standalone XCCDF 1.1.4 - MobileIron Core v10.x MDM STIG Ver 1 Rel 1
Tanium 7.0 STIG (Ver 1, Rel 2) Tanium 7.0
 Defense Information Systems Agency
 06/15/2019 Standalone XCCDF 1.1.4 - Tanium 7.0 STIG Ver 1, Rel 2
SUSE Linux Enterprise Server (SLES) v11 for System z STIG (Version 1, Release 12) Novell SUSE Enterprise Linux Server 11
 Defense Information Systems Agency
 06/14/2019 Standalone XCCDF 1.1.4 - SLES V11 for System z STIG - Ver 1, Rel 12
.NET Framework Security Checklist (Version 1, Release 3) Microsoft .NET Framework 1.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.5
 Defense Information Systems Agency
 06/07/2019 Prose - Microsoft .Net Framework Security Checklist - Ver 1, Rel 3
IBM MQ Appliance v9-0 STIG (V1) IBM MQ Appliance v9-0
 Defense Information Systems Agency
 06/07/2019 Standalone XCCDF 1.1.4 - IBM MQ Appliance v9-0 AS STIG V1
Standalone XCCDF 1.1.4 - IBM MQ Appliance v9-0 NDM STIG V1
IBM DataPower STIG (Ver 1, Rel 2) IBM DataPower
 Defense Information Systems Agency
 06/06/2019 Standalone XCCDF 1.1.4 - IBM DataPower STIG ALG STIG Ver 1
Standalone XCCDF 1.1.4 - IBM DataPower NDM STIG - Ver 1, Rel 2
ForeScout CounterACT STIG (Version 2) ForeScout CounterACT ALG
ForeScout CounterACT NDM
 Defense Information Systems Agency
 06/06/2019 Standalone XCCDF 1.1.4 - ForeScout CounterACT ALG STIG - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - ForeScout CounterACT NDM STIG Ver 1
CA API Gateway STIG (Version 1, Release 1) COMPUTER ASSOCIATES (CA) APPLICATION PROGRAMMING INTERFACE (API) GATEWAY
 Defense Information Systems Agency
 06/05/2019 Standalone XCCDF 1.1.4 - CA API Gateway ALG STIG - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - CA API Gateway NDM STIG Ver 1
* This checklist is still undergoing review for inclusion into the NCP.