National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 517 matching records. Displaying matches 101 through 120.


Name (Version) Target Product Category Authority Last Modified Resources
Microsoft Security Compliance Manager - Microsoft Windows Server 2008 R2 Service Pack 1 (1.0) Microsoft Windows Server 2008 R2 Service Pack 1 Operating System Microsoft Corporation 10/09/2014 SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 AD Certificate Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 DHCP Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 DNS Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Domain Controller Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 File Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Hyper-V Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Network Access Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Print Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Remote Desktop Services Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 R2 SP1 Web Server Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows Server 2008 SP2 (1.0) Microsoft Windows Server 2008 Service Pack 2 Operating System Microsoft Corporation 06/24/2013 SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 AD Certificate Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 DHCP Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 DNS Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Domain Controller Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 File Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Hyper-V Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Member Server Security Compliance (generated from Microsoft Security Compliance Manager Tool
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Network Access Services Server Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Print Server Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Terminal Services Security Compliance (generated from Microsoft Security Compliance Manager Tool)
SCAP 1.0 Content - Microsoft Windows Server 2008 SP2 Web Server Security Compliance (generated from Microsoft Security Compliance Manager Tool)
Microsoft Security Compliance Manager - Windows Server 2012 (1.0) Microsoft Windows Server 2012/2012 R2 Microsoft Corporation 10/30/2013 SCAP 1.0 Content - Microsoft Windows Server 2012 AD Certificate Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 DHCP Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 DNS Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Domain Controller Security Compliance (generated from Microsoft SCM)
SCAP 1.0 Content - Microsoft Windows Server 2012 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 File Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Hyper-V Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Network Access Services Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Print Server Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Remote Access Services Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Remote Desktop Services Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 Web Server Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows Server 2012 R2 (1.0) Microsoft Windows Server 2012/2012 R2 Microsoft Corporation 06/03/2015 SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Domain Controler Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2012 R2 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security and Compliance Manager - Windows Server 2016 (1.0) Microsoft Windows Server 2016 Microsoft Corporation 03/26/2018 SCAP 1.0 Content - Microsoft Windows Server 2016 Domain Controller Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2016 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Server 2016 Member Server Security Compliance (generated from Microsoft Security Compliance Manager).
GPOs - Windows 10 1607 Security Baseline
Microsoft Security Compliance Manager - Windows Vista SP2 (1.0) Microsoft Windows Vista Service Pack 2 Operating System Microsoft Corporation 06/24/2013 SCAP 1.0 Content - Microsoft Windows Vista SP2 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows Vista SP2 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Windows XP SP3 (1.0) Microsoft Windows XP Service Pack 3 Operating System Microsoft Corporation 06/24/2013 SCAP 1.0 Content - Microsoft Windows XP SP3 Domain Security Compliance (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Windows XP SP3 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Windows 2000 Security Checklist (Version 6, Release 1.19) Microsoft Windows 2000 Operating System Defense Information Systems Agency 01/04/2015 SCAP 1.0 Content - Windows 2000 Security Checklist
Windows XP STIG (Version 6, Release 1.34) Microsoft Windows XP Operating System Defense Information Systems Agency 08/15/2017 SCAP 1.0 Content - Windows XP STIG Benchmark Version 6, Release 1.34
Standalone XCCDF 1.1.4 - Windows XP STIG - Version 6, Release 1.32
DoD - Microsoft Office 2010 Settings (21April2011) Microsoft Office 2010 Office Suite Department of Defense 09/23/2013 GPOs - Microsoft Office 2010 Version 1.0 - DRAFT Office 2010 GPO
Prose - Microsoft Office 2010 - DoD Master Office 2010 Settings
Android 2.2 (Dell) (Version 1, Release 1) Google Android 2.2 Operating System
Handheld Device
Defense Information Systems Agency 08/15/2017 Machine-Readable Format - Checklist Details for Android 2.2 (Dell) Version 1, Release 1
CIS Microsoft SQL Server 2014 Benchmark (1.1.0) Microsoft SQL Server 2014 Database Management System Center for Internet Security (CIS) 12/01/2015 Machine-Readable Format - CIS Microsoft SQL Server 2014 Benchmark v1.1.0
NIST SP 800-179 (1.0) Apple OS X 10.10 NIST, Computer Security Division 03/01/2018 Machine-Readable Format - GitHub repository for Apple OS X 10.10 Baselines
Prose - The landing page for the NIST SP 800-179 Checklist.
Google Chrome v24 Windows STIG (Version 1, Release 1) Google Chrome 24.0.1272.0 Web Browser Defense Information Systems Agency 08/15/2017 Machine-Readable Format - Google Chrome v23 Windows Benchmark - Version 1, Release 2
Standalone XCCDF 1.1.4 - Google Chrome v24 Windows STIG Version 1, Release 1
Google Chrome v23 Windows STIG (Version 1, Release 2) Google Chrome 23.0.1271.0 Web Browser Defense Information Systems Agency 08/15/2017 Machine-Readable Format - Google Chrome v23 Windows Benchmark - Version 1, Release 2
Standalone XCCDF 1.1.4 - Google Chrome v23 Windows STIG Version 1, Release 2
FBI CJIS Compliance Profile for Red Hat Enterprise Linux 7 (RHEL7) (v0.1.31) Red Hat Enterprise Linux 7.0
Red Hat Enterprise Linux 7.1
Red Hat Enterprise Linux 7.2
Red Hat Enterprise Linux 7.3
Red Hat 12/04/2017 Machine-Readable Format - SCAP Datastream
Vanguard DB2 z/OS RACF Checklist (6.1) IBM OS390
IBM DB2 8.1
IBM RACF
IBM z/OS Version 1 Release 10
IBM z/OS Version 1 Release 11
IBM z/OS Version 1 Release 12
IBM Z/OS Version 1, Release 9
IBM z/OS Version 2.1
IBM z/OS Version 2, Release 1
Operating System
Database Management System
Security Server
Vanguard Integrity Professionals, Inc. 09/07/2017 Machine-Readable Format - Vanguards DB2 Checkslist for RACF on z/OS
NIST SP 800-43 (Update R1.2.3) Microsoft Windows 2000 Operating System NIST, Computer Security Division 09/12/2014 Security Template - The security template for the checklist entitled NIST 800-43.
Standalone XCCDF 1.1.4 - The XCCDF representation of the checklist entitled NIST SP 800-43.
Prose - The landing page for the NIST SP 800-43 checklist.
A10 Networks Application Delivery Controller (ADC) (Version 1) A10 Networks Application Delivery Controller Network Switch Defense Information Systems Agency 03/30/2018 Standalone XCCDF 1.1.4 - A10 Networks Application Delivery Controller (ADC) ALG STIG Version 1
Standalone XCCDF 1.1.4 - A10 Networks Application Delivery Controller (ADC) NDM STIG Version 1
Active Directory Domain STIG (Ver 2, Rel 9) Microsoft Active Directory Directory Service Defense Information Systems Agency 04/24/2018 Standalone XCCDF 1.1.4 - Active Directory Domain STIG - Ver 2, Rel 9
* This checklist is still undergoing review for inclusion into the NCP.