U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

Checklist Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 787 matching records. Displaying matches 781 through 787.

Name (Version) Target Authority Last Modified Resources
Java Runtime Environment (JRE) 7 (Version 1, Release 5) Oracle Java Runtime Environment (JRE) 1.7.0
 Defense Information Systems Agency
 08/15/2017 Standalone XCCDF 1.1.4 - Java Runtime Environment (JRE) 7 - Version 1, Release 5
Java Runtime Environment (JRE) 6 (Version 1, Release 5) Sun JRE 1.6.0
 Defense Information Systems Agency
 08/15/2017 Standalone XCCDF 1.1.4 - Java Runtime Environment (JRE) 6, Version 1, Release 5
NIST SP 800-68 (R1.2.0) Microsoft Windows XP
 NIST National Vulnerability Database
 06/01/2017 Prose - NIST Prose Guidance for Windows XP.
Prose - This FDCC resource has been deprecated by USGCB content.
APT-Suspicious file names and file locations (v0.4) Microsoft Windows 7
Microsoft Windows XP
 CyberESI
 05/06/2017 SCAP 1.2 Content - APT - Suspicious file names and file locations
NIST SP 800-43 (Update R1.2.3) Microsoft Windows 2000
 NIST, Computer Security Division
 09/12/2014 Security Template - The security template for the checklist entitled NIST 800-43.
Standalone XCCDF 1.1.4 - The XCCDF representation of the checklist entitled NIST SP 800-43.
Prose - The landing page for the NIST SP 800-43 checklist.
Suspicious file names and file locations (v0.3) Microsoft Windows XP
 CyberESI
 06/07/2011 SCAP 1.1 Content - Suspicious file names and file locations
HP LaserJet 4345 MFP Security Checklist (Version 1) HP LaserJet 4345 MFP
 HP
 07/23/2009 Prose - HP LaserJet 4345 MFP Security Checklist
* This checklist is still undergoing review for inclusion into the NCP.