National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 533 matching records. Displaying matches 101 through 120.


Name (Version) Target Product Category Authority Last Modified Resources
Microsoft Security Compliance Manager - Windows Server 2008 SP2 (1.0) Microsoft Windows Server 2008 Service Pack 2 Operating System Microsoft Corporation 06/24/2013 SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 AD Certificate Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 DHCP Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 DNS Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Domain Controller Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 File Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Hyper-V Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Member Server Security Compliance (generated from Microsoft Security Compliance Manager Tool
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Network Access Services Server Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Print Server Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Terminal Services Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Web Server Security Compliance (generated from Microsoft Security Compliance Manager Tool)
Microsoft Security Compliance Manager - Windows Server 2012 (1.0) Microsoft Windows Server 2012/2012 R2 Microsoft Corporation 10/30/2013 SCAP 1.0 Content - Microsoft Windows Server 2012 AD Certificate Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 DHCP Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 DNS Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Domain Controller Security Compliance (generated from Microsoft SCM)
SCAP 1.0 Content - Microsoft Windows Server 2012 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 File Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Hyper-V Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Network Access Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Print Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Remote Access Services Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Remote Desktop Services Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Web Server Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows Server 2012 R2 (1.0) Microsoft Windows Server 2012/2012 R2 Microsoft Corporation 09/12/2018 SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Domain Controler Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security and Compliance Manager - Windows Server 2016 (1.0) Microsoft Windows Server 2016 Microsoft Corporation 09/12/2018 SCAP 1.0 Content - Microsoft Windows Server 2016 Domain Controller Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2016 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2016 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
GPOs - Windows 10 1607 Security Baseline
Microsoft Security Compliance Manager - Windows Vista SP2 (1.0) Microsoft Windows Vista Service Pack 2 Operating System Microsoft Corporation 06/24/2013 SCAP 1.0 Content - Microsoft Windows Vista SP2 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Vista SP2 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows XP SP3 (1.0) Microsoft Windows XP Service Pack 3 Operating System Microsoft Corporation 06/24/2013 SCAP 1.0 Content - Microsoft Windows XP SP3 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows XP SP3 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Windows 2000 Security Checklist (Version 6, Release 1.19) Microsoft Windows 2000 Operating System Defense Information Systems Agency 01/04/2015 SCAP 1.0 Content - Windows 2000 Security Checklist
Windows XP STIG (Version 6, Release 1.34) Microsoft Windows XP Operating System Defense Information Systems Agency 08/15/2017 SCAP 1.0 Content - Windows XP STIG Benchmark Version 6, Release 1.34
Standalone XCCDF 1.1.4 - Windows XP STIG - Version 6, Release 1.32
Adobe Acrobat Pro DC Classic Track STIG (Ver 1, Rel 1) Adobe Acrobat Pro DC Classic Track Desktop Application Defense Information Systems Agency 09/07/2018 GPOs - Group Policy Objects (GPOs) - July 2018
Standalone XCCDF 1.1.4 - Adobe Acrobat Pro DC Classic Track STIG - Ver 1, Rel 1
Adobe Acrobat Pro DC Continuous Track STIG (Ver 1, Rel 1) Adobe Acrobat Pro DC Continuous Track Desktop Application Defense Information Systems Agency 09/07/2018 GPOs - Group Policy Objects (GPOs) - July 2018
Standalone XCCDF 1.1.4 - Adobe Acrobat Pro DC Continuous Track STIG - Ver 1, Rel 1
DoD - Microsoft Office 2010 Settings (21April2011) Microsoft Office 2010 Office Suite Department of Defense 09/23/2013 GPOs - Microsoft Office 2010 Version 1.0 - DRAFT Office 2010 GPO
Prose - Microsoft Office 2010 - DoD Master Office 2010 Settings
Android 2.2 (Dell) (Version 1, Release 1) Google Android 2.2 Operating System
Handheld Device
Defense Information Systems Agency 08/15/2017 Machine-Readable Format - Checklist Details for Android 2.2 (Dell) Version 1, Release 1
CIS Microsoft SQL Server 2014 Benchmark (1.1.0) Microsoft SQL Server 2014 Database Management System Center for Internet Security (CIS) 12/01/2015 Machine-Readable Format - CIS Microsoft SQL Server 2014 Benchmark v1.1.0
NIST SP 800-179 (1.0) Apple OS X 10.10 NIST, Computer Security Division 03/01/2018 Machine-Readable Format - GitHub repository for Apple OS X 10.10 Baselines
Prose - The landing page for the NIST SP 800-179 Checklist.
Google Chrome v24 Windows STIG (Version 1, Release 1) Google Chrome 24.0.1272.0 Web Browser Defense Information Systems Agency 08/15/2017 Machine-Readable Format - Google Chrome v23 Windows Benchmark - Version 1, Release 2
Standalone XCCDF 1.1.4 - Google Chrome v24 Windows STIG Version 1, Release 1
Google Chrome v23 Windows STIG (Version 1, Release 2) Google Chrome 23.0.1271.0 Web Browser Defense Information Systems Agency 08/15/2017 Machine-Readable Format - Google Chrome v23 Windows Benchmark - Version 1, Release 2
Standalone XCCDF 1.1.4 - Google Chrome v23 Windows STIG Version 1, Release 2
FBI CJIS Compliance Profile for Red Hat Enterprise Linux 7 (RHEL7) (v0.1.31) Red Hat Enterprise Linux 7.0
Red Hat Enterprise Linux 7.1
Red Hat Enterprise Linux 7.2
Red Hat Enterprise Linux 7.3
Red Hat 12/04/2017 Machine-Readable Format - SCAP Datastream
Vanguard DB2 z/OS RACF Checklist (6.1) IBM OS390
IBM DB2 8.1
IBM RACF
IBM z/OS Version 1 Release 10
IBM z/OS Version 1 Release 11
IBM z/OS Version 1 Release 12
IBM Z/OS Version 1, Release 9
IBM z/OS Version 2.1
IBM z/OS Version 2, Release 1
Operating System
Database Management System
Security Server
Vanguard Integrity Professionals, Inc. 09/07/2017 Machine-Readable Format - Vanguards DB2 Checkslist for RACF on z/OS
OpenShift 3.x on Azure for Government (FedRAMP Moderate) (v1) Red Hat OpenShift Container Platform 3.5
Red Hat OpenShift Container Platform 3.6
Red Hat OpenShift Container Platform 3.7
Red Hat OpenShift Container Platform 3.8
Red Hat OpenShift Container Platform 3.9
Red Hat OpenShift Container Platform 3.10
Red Hat 08/22/2018 Security Template - Ansible Playbooks supporting the creation of either a multi-node full HA production cluster or a single node designed for exploration of OpenShift on Azure.
Security Template - OpenShift Container Platform 3.x on Azure for Government, FedRAMP Moderate SSP Template
Prose - Deploying Red Hat OpenShift Container Platform 3 on Microsoft Azure
FedRAMP Moderate for Red Hat OpenStack Platform 13 (v1) Red Hat OpenStack Platform 13.0 Red Hat 08/22/2018 Security Template - FedRAMP Moderate Template SSP for Red Hat OpenStack Platform 13
Security Template - NIST 800-53 Control Applicability Guide for Red Hat OpenStack Platform 13
* This checklist is still undergoing review for inclusion into the NCP.