National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 517 matching records. Displaying matches 501 through 517.


Name (Version) Target Product Category Authority Last Modified Resources
Microsoft Windows 10 1511 (1.0) Microsoft Windows 10 1511 64-bit
Microsoft Windows 10 1511 32-bit
Microsoft Corporation 09/25/2017 Prose - Microsoft Windows 10 1511
Microsoft Windows 2000 IPsec Guide (v1.0) Microsoft Windows 2000 Operating System National Security Agency 09/12/2014 Prose - Microsoft Windows 2000 IPsec Guide
Microsoft Windows 2000 Router Configuration Guide (v1.02) Microsoft Windows Server 2000 Operating System National Security Agency 09/12/2014 Prose - Microsoft Windows 2000 Router Configuration Guide
NIST SP 800-68 (R1.2.0) Microsoft Windows XP Operating System NIST National Vulnerability Database 06/01/2017 Prose - NIST Prose Guidance for Windows XP.
Prose - This FDCC resource has been deprecated by USGCB content.
OpenVMS Security Checklist (Version 2 Release 2.3) Digital OpenVMS Alpha 6.1
Digital OpenVMS Alpha 6.2
Digital OpenVMS Alpha 7.0
Digital OpenVMS Alpha 7.1
Digital OpenVMS Alpha 7.2
Digital OpenVMS Alpha 7.3
Digital OpenVMS VAX 6.1
Digital OpenVMS VAX 6.2
Digital OpenVMS VAX 7.0
Digital OpenVMS VAX 7.1
Digital OpenVMS VAX 7.2
Digital OpenVMS VAX 7.3
Digital OpenVMS VAX 5.3
Digital OpenVMS VAX 5.4
Digital OpenVMS VAX 5.5
Digital OpenVMS VAX 6.0
Operating System Defense Information Systems Agency 08/15/2017 Prose - OpenVMS SECURITY CHECKLIST
Oracle 9 STIG (Version 8 Release 1.8) Oracle Database 9i
Oracle Database Server 9.2
Database Management System Defense Information Systems Agency 08/15/2017 Prose - Oracle 9 STIG Version 8 Release 1.8
CIS Apache HTTP Server 2.4 Benchmark (1.3.1) Apache HTTP Server 2.4 Web Server Center for Internet Security (CIS) 09/18/2017 Prose - Prose - CIS Apache HTTP Server 2.4 Benchmark v1.4.0
Apache HTTP Server 2.2 (3.4.1) Apache HTTP Server 2.2 Web Server Center for Internet Security (CIS) 09/18/2017 Prose - Prose - CIS Apache HTTP Server 2.4 Benchmark v1.4.0
CIS Apache HTTP Server 2.2 Benchmark (3.4.2) Apache HTTP Server 2.2 Web Server Center for Internet Security (CIS) 06/20/2018 Prose - Prose - CIS Apache HTTP Server 2.4 Benchmark v1.4.0
Router Security Configuration Guide (v1.1c) Cisco IOS 12.0
Cisco IOS 11.3
Cisco IOS 12.3
Cisco IOS 12.1
Cisco IOS 12.2
Network Router National Security Agency 05/21/2018 Prose - Prose guidance for Router Security Configuration Guide.
Router Security Configuration Guide Supplement - Security for IPv6 Routers (v1.0) Cisco IOS 12.4
Cisco IOS 12.4t
Cisco IOS 12.3
Cisco IOS 12.3t
Network Router National Security Agency 09/12/2014 Prose - Router Security Configuration Guide Supplement – Security for IPv6 Routers
SQL Server 2000 Database Security Checklist (Version 8 Release 1.7) Microsoft SQL Server 2000 Database Management System Defense Information Systems Agency 08/15/2017 Prose - SQL Server 2000 Database Security Checklist - Version 8 Release 1.7
Database Security Checklist for MS SQL Server 2005 (Ver 8, Rel 1.8) Microsoft SQL Server 2000
Microsoft SQL Server 2005
Microsoft SQL Server 7.0
Database Management System Defense Information Systems Agency 08/15/2017 Prose - SQL Server 2005 Database Security Checklist - Version 8 Release 1.8
SQL Server 7 Database Security Checklist (Version 8 Release 1.7) Microsoft SQL Server 7.0 Database Management System Defense Information Systems Agency 08/15/2017 Prose - SQL Server 7 Database Security Checklist - Version 8 Release 1.7
Symantec Endpoint Protection 12.1 Overview (Version 1, Release 1) Symantec Endpoint Protection 12.1 Antivirus Software Defense Information Systems Agency 08/15/2017 Prose - Symantec Endpoint Protection 12.1 Overview - Version 1, Release 1
Unisys STIG Checklist (Version 7 Release 2) Unisys 2200 8.1
Unisys 2200 6.1
Operating System Defense Information Systems Agency 08/15/2017 Prose - Unisys Checklist - Version 7, Release 2.
Prose - Unisys STIG - Version 7, Release 2
Vanguard Administrator and Analyzer z/OS RACF Checklist for completing an SRR audit manually. Version 6.33 (6.33 - PDF Version) IBM RACF
IBM z/OS Version 1 Release 10
IBM z/OS Version 1 Release 11
IBM z/OS Version 1 Release 12
IBM Z/OS Version 1, Release 9
IBM z/OS Version 1 Release 13
IBM z/OS Version 2, Release 1
IBM z/OS Version 2, Release 2
IBM Z/os Version 2 Release 3
Security Server
Operating System
Vanguard Integrity Professionals, Inc. 12/18/2017 Prose - Vanguard z/OS RACF Checklist 6.33
* This checklist is still undergoing review for inclusion into the NCP.