National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 518 matching records. Displaying matches 101 through 120.

Name (Version) Target Authority Last Modified Resources
Active Directory Forest STIG (Ver 2, Rel 8) Microsoft Active Directory
Defense Information Systems Agency
06/04/2019 Standalone XCCDF 1.1.4 - Active Directory Forest STIG - Ver 2, Rel 8
Adobe ColdFusion (Version 1, Release 4) Adobe ColdFusion
Defense Information Systems Agency
06/17/2019 Standalone XCCDF 1.1.4 - Adobe ColdFusion 11 STIG - Ver 1, Rel 4
Akamai KSD Service IL2 STIG (Version 1) Akamai Kona Site Defender Service Impact Level 2
Defense Information Systems Agency
06/05/2019 Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 ALG STIG Version 1
Standalone XCCDF 1.1.4 - Akamai KSD Service IL2 NDM STIG Version 1
Apache 2.2 STIG - UNIX (Version 1, Release 11) Apache HTTP Server 2.2
Defense Information Systems Agency
06/05/2019 Standalone XCCDF 1.1.4 - Apache 2.2 STIG UNIX - Ver 1, Rel 11
Apache 2.2 STIG - Windows (Version 1, Release 13) Apache HTTP Server 2.2
Defense Information Systems Agency
06/05/2019 Standalone XCCDF 1.1.4 - Apache 2.2 STIG Windows - Ver 1, Rel 13
Apache Server 2.4 UNIX STIG (Ver 1, Rel 3) Apache HTTP Server 2.4.0
Defense Information Systems Agency
03/18/2020 Standalone XCCDF 1.1.4 - Apache Server 2.4 UNIX STIG
Apache Server 2.4 Windows STIG (Ver 1, Rel 3) Apache HTTP Server 2.4.0
Defense Information Systems Agency
01/21/2020 Standalone XCCDF 1.1.4 - Apache Server 2.4 Windows STIG
Apple iOS 12 STIG (Ver 1, Rel 2) Apple iOS 12
Defense Information Systems Agency
06/05/2019 Standalone XCCDF 1.1.4 - Apple iOS 12 STIG - Ver 1, Rel 2
Apple iOS 6 STIG (Version 1, Release 2) Apple iPad Mini
Apple iPad2
Apple iPhone 4s
Apple iPhone 5
Apple iPhone OS 6.0
Apple iPhone OS 6.0.1
Apple iPhone OS 6.0.2
Apple iPhone OS 6.1
Defense Information Systems Agency
04/15/2019 Standalone XCCDF 1.1.4 - Apple iOS 6 STIG, Version 1, Release 2
Apple iOS 7 STIG (Version 1 Release 2) Apple iPhone OS 7.0
Defense Information Systems Agency
04/15/2019 Standalone XCCDF 1.1.4 - Apple iOS 7 STIG Version 1 Release 2
APPLE iOS 8 INTERIM SECURITY CONFIGURATION GUIDE (ISCG) (Version 1, Release 1) Apple iPhone OS 8.0
Defense Information Systems Agency
04/15/2019 Standalone XCCDF 1.1.4 - APPLE iOS 8 INTERIM SECURITY CONFIGURATION GUIDE (ISCG)
Apple OS X 10.13 STIG (Ver 1, Rel 5) Apple macOS 10.13
Defense Information Systems Agency
04/24/2020 Standalone XCCDF 1.1.4 - Apple OS X 10.13 STIG - Ver 1, Rel 5
Apple OS X 10.14 (Mojave) STIG (Ver 1, Rel 3) Apple OS X 10.14
Defense Information Systems Agency
04/24/2020 Standalone XCCDF 1.1.4 - Apple OS X 10.14 STIG - Ver 1, Rel 3
Apple OS/iPad OS 13 STIG (Ver 1, Rel 1) Apple iOS 13.0
Defense Information Systems Agency
11/15/2019 Standalone XCCDF 1.1.4 - Apple OS/iPad OS 13 STIG - Ver 1, Rel 1
Arista Multilayer Switch (MLS) DCS-7000 Series (Version 1, Release 3) Arista Multilayer Switch (MLS) DCS-7050T
Defense Information Systems Agency
11/01/2019 Standalone XCCDF 1.1.4 - Arista MLS DCS-7000 Series NDM STIG
BIND 9.x STIG (Ver 1, Rel 9) BIND 9.x
Defense Information Systems Agency
04/24/2020 Standalone XCCDF 1.1.4 - BIND 9.x STIG - Ver 1, Rel 9
BlackBerry 10.2x OS STIG (Version 1, Release 6) Blackberry OS 10.2
Defense Information Systems Agency
12/12/2019 Standalone XCCDF 1.1.4 - BlackBerry 10.2x OS STIG - Version 1, Release 6
BlackBerry Enterprise Service 10.2.x BlackBerry Device Service STIG (Version 1, Release 5) BlackBerry PlayBook OS 2.1
Blackberry OS 10.0
Blackberry OS 10.2
Defense Information Systems Agency
04/15/2019 Standalone XCCDF 1.1.4 - BlackBerry Device Service STIG - Version 1, Release 5
BlackBerry Enterprise Mobility Server (BEMS) 2.x STIG (Ver 1, Rel 2) BlackBerry Enterprise Mobility Server (BEMS)
Defense Information Systems Agency
06/05/2019 Standalone XCCDF 1.1.4 - BlackBerry Enterprise Mobility Server (BEMS) 2.x STIG Ver 1, Rel 2
BlackBerry PlayBook OS v2.1 STIG (Version 1, Release 2) Research in Motion BlackBerry PlayBook OS 2.1
Defense Information Systems Agency
08/15/2017 Standalone XCCDF 1.1.4 - BlackBerry PlayBook OS v2.1 STIG Version 1, Release 2
* This checklist is still undergoing review for inclusion into the NCP.