National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 517 matching records. Displaying matches 41 through 60.


Name (Version) Target Authority Last Modified Resources
USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop (1.2.5.0) Red Hat Enterprise Linux 5 USGCB/TIS 03/30/2018 SCAP 1.1 Content - USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop
Puppet Module - RHEL 5 Puppet Module
Reference Link - Kickstart file
Prose - USGCB-RHEL5-Desktop-Issues-Version-1.0.5.0
Prose - USGCB-RHEL5-Desktop-Settings-Version-1.0.5.0
Excel 2010 STIG (Version 1, Release 11) Microsoft Excel 2010 Defense Information Systems Agency 06/07/2019 SCAP 1.1 Content - Microsoft Excel 2010 STIG Benchmark - Ver 1, Rel 2 (SCC tool use only)
Standalone XCCDF 1.1.4 - Microsoft Excel 2010 STIG - Ver 1, Rel 11
Internet Explorer 10 STIG (Version 1 Release 15) Microsoft Internet Explorer 10 Defense Information Systems Agency 06/07/2019 SCAP 1.1 Content - Microsoft Internet Explorer 10 STIG Benchmark - Ver 1, Rel 9
Standalone XCCDF 1.1.4 - Microsoft Internet Explorer 10 STIG - Ver 1, Rel 15
Oracle Weblogic Server (11G) Oracle Weblogic Server National Security Agency
MITRE
10/30/2018 SCAP 1.1 Content - Oracle Weblogic Server
SharePoint Server 2007 Security Guide (1.0) Microsoft Office SharePoint Server 2007 National Security Agency
MITRE
10/30/2018 SCAP 1.1 Content - SharePoint Server 2007 Security Guide
AIX 5.3 STIG (Version 1, Release 2) IBM AIX 5.3 Defense Information Systems Agency 09/11/2019 SCAP 1.1 Content - Sunset - AIX 5.3 STIG Benchmark - Ver 1, Rel 2
Standalone XCCDF 1.1.4 - Sunset - AIX 5.3 Manual STIG - Ver 1, Rel 3
Windows 2003 DC STIG Benchmark (Version 6, Release 40) Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 Service Pack 3
Microsoft Windows Server 2003 Service Pack 1
Defense Information Systems Agency 09/11/2019 SCAP 1.1 Content - Sunset - Microsoft Windows 2003 DC STIG Benchmark - Ver 6, Rel 40
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2003 DC STIG - Ver 6, Rel 37
Windows 2003 MS STIG Benchmark (Version 6, Release 40) Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 Service Pack 3
Microsoft Windows Server 2003 Service Pack 1
Defense Information Systems Agency 09/11/2019 SCAP 1.1 Content - Sunset - Microsoft Windows 2003 MS STIG Benchmark - Ver 6, Rel 40
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows 2003 MS STIG - Ver 6, Rel 37
Microsoft Windows Vista STIG (Version 6 Release 42) Microsoft Windows Vista
Microsoft Internet Explorer
Defense Information Systems Agency 09/11/2019 SCAP 1.1 Content - Sunset - Microsoft Windows Vista STIG Benchmark - Ver 6, Rel 44
Standalone XCCDF 1.1.4 - Sunset - Microsoft Windows Vista STIG - Ver 6, Rel 42
Red Hat 5 STIG (Version 1, Release 18) Red Hat Enterprise Linux 5 Defense Information Systems Agency 09/11/2019 SCAP 1.1 Content - Sunset - Red Hat 5 STIG Benchmark - Ver 1, Rel 19
Standalone XCCDF 1.1.4 - Sunset - Red Hat 5 Manual STIG - Ver 1, Rel 18
Solaris 9 (Ver 1, Rel 12) Sun Solaris 9 SPARC
Sun Solaris 9
Defense Information Systems Agency 09/12/2019 SCAP 1.1 Content - Sunset - Solaris 9 SPARC STIG Benchmark - Ver 1, Rel 12
Standalone XCCDF 1.1.4 - Sunset - Solaris 9 SPARC Manual STIG - Ver 1, Rel 9
Standalone XCCDF 1.1.4 - Sunset - Solaris 9 x86 Manual STIG - Ver 1, Rel 9
Suspicious file names and file locations (v0.3) Microsoft Windows XP CyberESI 06/07/2011 SCAP 1.1 Content - Suspicious file names and file locations
DoD Consensus Security Configuration Checklist for Red Hat Enterprise Linux 5 (2.0) Red Hat Enterprise Linux 5 Department of Defense 10/30/2018 SCAP 1.0 Content - RHEL 5 SCAP
Puppet Module - RHEL 5 Puppet Module
Prose - D0D RHEL5 security recommendations
Microsoft Office 2007 STIG (Version 4, Release 1) Microsoft Outlook 2007
Microsoft Word 2007
Microsoft Office 2007
Microsoft Access 2007
Microsoft Excel 2007
Microsoft Infopath 2007
Microsoft PowerPoint 2007
Microsoft Visio 2007
Defense Information Systems Agency 04/15/2019 SCAP 1.0 Content - Microsoft Access 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Excel 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Infopath 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Office System 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Outlook 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft PowerPoint 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Visio 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
SCAP 1.0 Content - Microsoft Word 2007 generated out of the GoldDisk Tool (version 2.9.8.84).
Microsoft Security Compliance Manager Internet Explorer 10 (1.0) Microsoft Internet Explorer 10 Microsoft Corporation 09/10/2018 SCAP 1.0 Content - Microsoft IE10 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Internet Explorer 11 (1.0) Microsoft Internet Explorer 11 Microsoft Corporation 09/13/2018 SCAP 1.0 Content - Microsoft IE11 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Internet Explorer 8 (1.0) Microsoft Internet Explorer 8 Microsoft Corporation 09/13/2018 SCAP 1.0 Content - Microsoft IE8 Computer Security Compliance Baseline (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager Internet Explorer 9 (1.0) Microsoft Internet Explorer 9 Microsoft Corporation 09/13/2018 SCAP 1.0 Content - Microsoft Internet Explorer 9 Computer Security Compliance (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Microsoft Office 2007 SP2 (1.0) Microsoft Office 2007
Microsoft Office 2007 Service Pack 2
Microsoft Corporation 09/13/2018 SCAP 1.0 Content - Microsoft Office 2007 SP2 EC Baseline (generated from Microsoft Security Compliance Manager).
SCAP 1.0 Content - Microsoft Office 2007 SP2 SSLF Baseline (generated from Microsoft Security Compliance Manager).
Microsoft Security Compliance Manager - Microsoft Office 2010 Service Pack 1 (1.0) Microsoft Office 2010 Service Pack 1 Microsoft Corporation 09/13/2018 SCAP 1.0 Content - Microsoft Office 2010 SP1 Computer Security (generated from Microsoft Security Compliance Manager).
* This checklist is still undergoing review for inclusion into the NCP.