National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 527 matching records. Displaying matches 381 through 400.

Name (Version) Target Authority Last Modified Resources
CIS Solaris 2.5.1-9 Benchmark (v1.3.0) Sun Solaris 2.5.1
Center for Internet Security (CIS)
07/26/2019 Prose - CIS Solaris 2.5.1-9 Benchmark v1.3.0
CIS VMware ESX Server 3.5 Benchmark (v1.2.0) VMware ESX Server 3.0.0
VMware ESX Server 3.0.1
VMware ESX Server 3.0.2
VMware ESX Server 3.1
VMware ESX Server 3.2
VMware ESX Server 3.3
VMware ESX Server 3.5
Center for Internet Security (CIS)
07/26/2019 Prose - CIS VMware ESX Server 3.5 Benchmark v1.2.0
CIS Xen 3.2 Benchmark (v1.0.0) Xen Virtualization Server 3.2.0
Center for Internet Security (CIS)
07/26/2019 Prose - CIS Xen 3.2 Benchmark v1.0.0
CIS Mac OSX 10.5 (Leopard) Benchmark (v1.1.0) Apple Mac OS X 10.5
Center for Internet Security (CIS)
07/26/2019 Prose - CIS Mac OSX 10.5 (Leopard) Benchmark v1.1.0
CIS Google Android 7 Benchmark (1.0.0) Google Android 7.x
Center for Internet Security (CIS)
07/26/2019 Prose - CIS Google Android 7 Benchmark v1.0.0
CIS SUSE Linux Enterprise Server 11 Benchmark (1.0.0) SuSE Linux Enterprise Server 11
Center for Internet Security (CIS)
07/26/2019 Prose - CIS SUSE Linux Enterprise Server 11 Benchmark v1.0.0
CIS Mozilla Firefox 24 ESR Benchmark (1.0.0) Mozilla Firefox ESR 24.0
Mozilla Firefox ESR 24.1
Mozilla Firefox ESR 24.2
Mozilla Firefox ESR 24.3
Mozilla Firefox ESR 24.4
Mozilla Firefox ESR 24.5
Mozilla Firefox ESR 24.6
Mozilla Firefox ESR 24.7
Center for Internet Security (CIS)
07/26/2019 Prose - CIS Mozilla Firefox 24 ESR Benchmark v1.0.0
CIS Windows 2003 Server Domain Controller Benchmark (v2.0.0) Microsoft Windows Server 2003
Center for Internet Security (CIS)
07/26/2019 Prose - CIS Windows 2003 Server Domain Controller Benchmark v2.0.0
CIS IBM AIX 4.3.2/4.3.3/5L/5.1 Benchmark (v1.0.1) IBM AIX 4.3.2
IBM AIX 4.3.3
IBM AIX 5.1
IBM AIX 5L
Center for Internet Security (CIS)
07/26/2019 Prose - CIS IBM AIX 4.3.2/4.3.3/5L/5.1 Benchmark v1.0.1
CIS Exchange Server 2003 Benchmark (v1.0.0) Microsoft Exchange Server 2003
Center for Internet Security (CIS)
07/26/2019 Prose - CIS Exchange Server 2003 Benchmark v1.0.0
CIS Oracle Database 8i Benchmark (v1.2.0) Oracle Database 8i
Center for Internet Security (CIS)
07/25/2019 Prose - CIS Oracle Database 8i Benchmark v1.2.0
CIS SUSE Linux Enterprise Server 9/10 Benchmark (v2.0.0) Novell openSUSE
openSUSE 10.0 SP1
openSUSE openSUSE
openSUSE openSUSE 10
Center for Internet Security (CIS)
07/22/2019 Prose - CIS SUSE Linux Enterprise Server 9/10 Benchmark v2.0.0
SEL-2740S STIG (Ver 1 Rel 1) SEL Inc SEL-2740S
Defense Information Systems Agency
07/15/2019 Standalone XCCDF 1.1.4 - SEL-2740S STIG Ver 1 Rel 1
Tanium 7.3 STIG (Ver 1, Rel 1) Tanium 7.3
Defense Information Systems Agency
07/12/2019 Standalone XCCDF 1.1.4 - Tanium 7.3 STIG Ver 1, Rel 1
IBM WebSphere Traditional V9.x STIG (1.0) IBM WebSphere Application Server traditional V9
Defense Information Systems Agency
07/12/2019 Standalone XCCDF 1.1.4 - IBM WebSphere Traditional V9.x STIG Version 1
MobileIron Core v10.x MDM STIG (Ver 1 Rel 1) MobileIron Core 10.0
Defense Information Systems Agency
07/10/2019 Standalone XCCDF 1.1.4 - MobileIron Core v10.x MDM STIG Ver 1 Rel 1
Oracle 11g Database STIG (Version 8 Release 20) Oracle Database 11g
Oracle Database 11g 11.1
Oracle Database 11g 11.2
Defense Information Systems Agency
06/17/2019 Prose - Oracle 11g Database STIG - Ver 8, Rel 20
Adobe ColdFusion (Version 1, Release 4) Adobe ColdFusion
Defense Information Systems Agency
06/17/2019 Standalone XCCDF 1.1.4 - Adobe ColdFusion 11 STIG - Ver 1, Rel 4
VMware vRealize Operations 6.x STIG (Ver 1, Rel 1) VMWare vRealize Operations Manager 6.x
Defense Information Systems Agency
06/15/2019 Standalone XCCDF 1.1.4 - VMWare vRealize Ops 6.x STIG - Ver 1, Rel 1
Standalone XCCDF 1.1.4 - VMWare vRealize Operations Manager Cassandra STIG - Ver 1, Rel 1
ESXi 5 Virtual Machine STIG (Version 1 Release 7) VMware ESXi 5.0
VMware ESXi 5.0 Update 1
VMware ESXi 5.0 Update 2
VMware ESXi 5.1
Defense Information Systems Agency
06/15/2019 Standalone XCCDF 1.1.4 - Vmware ESXi 5 Virtual Machine STIG - Ver 1, Rel 7
* This checklist is still undergoing review for inclusion into the NCP.