National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications.

NCP provides metadata and links to checklists of various formats including checklists that conform to the Security Content Automation Protocol (SCAP). SCAP enables validated security products to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.
Please note that the current search fields have been adjusted to reflect NIST SP 800-70 Revision 4.

Search for Checklists using the fields below. The keyword search will search across the name, and summary.

There are 518 matching records. Displaying matches 501 through 518.

Name (Version) Target Authority Last Modified Resources
DoD - Microsoft Internet Explorer 9 Settings (31May2011) Microsoft Internet Explorer 9
Department of Defense
03/12/2020 Prose - Microsoft Internet Explorer - Final Draft DoD Internet Explorer 9 Settings
Microsoft Windows 10 1511 (1.0) Microsoft Windows 10 1511 32-bit
Microsoft Windows 10 1511 64-bit
Microsoft Corporation
01/08/2020 Prose - Microsoft Windows 10 1511
Microsoft Windows 2000 IPsec Guide (v1.0) Microsoft Windows 2000
National Security Agency
10/24/2018 Prose - Microsoft Windows 2000 IPsec Guide
Microsoft Windows 2000 Router Configuration Guide (v1.02) Microsoft Windows Server 2000
National Security Agency
10/24/2018 Prose - Microsoft Windows 2000 Router Configuration Guide
NIST SP 800-68 (R1.2.0) Microsoft Windows XP
NIST National Vulnerability Database
06/01/2017 Prose - NIST Prose Guidance for Windows XP.
Prose - This FDCC resource has been deprecated by USGCB content.
OpenVMS Security Checklist (Version 2 Release 2.3) HP OpenVMS Alpha 6.1
HP OpenVMS Alpha 6.2
HP OpenVMS Alpha 7.0
HP OpenVMS Alpha 7.1
HP OpenVMS Alpha 7.2
HP OpenVMS Alpha 7.3
HP OpenVMS VAX 5.3
HP OpenVMS VAX 5.4
HP OpenVMS VAX 5.5
HP OpenVMS VAX 6.0
HP OpenVMS VAX 6.1
HP OpenVMS VAX 6.2
HP OpenVMS VAX 7.0
HP OpenVMS VAX 7.1
HP OpenVMS VAX 7.2
HP OpenVMS VAX 7.3
Defense Information Systems Agency
04/15/2019 Prose - OpenVMS SECURITY CHECKLIST
Oracle 11g Database STIG (Version 8 Release 20) Oracle Database 11g
Oracle Database 11g 11.1
Oracle Database 11g 11.2
Defense Information Systems Agency
06/17/2019 Prose - Oracle 11g Database STIG - Ver 8, Rel 20
CIS Apache HTTP Server 2.4 Benchmark (1.5.0) Apache HTTP Server 2.4.0
Center for Internet Security (CIS)
06/14/2019 Prose - Prose - CIS Apache HTTP Server 2.4 Benchmark v1.5.0
Router Security Configuration Guide (v1.1c) Cisco IOS 11.3
Cisco IOS 12.0
Cisco IOS 12.1
Cisco IOS 12.2
Cisco IOS 12.3
National Security Agency
10/24/2018 Prose - Prose guidance for Router Security Configuration Guide.
Router Security Configuration Guide Supplement - Security for IPv6 Routers (v1.0) Cisco IOS 12.3
Cisco IOS 12.3t
Cisco IOS 12.4
Cisco IOS 12.4t
National Security Agency
10/24/2018 Prose - Router Security Configuration Guide Supplement – Security for IPv6 Routers
SQL Server 2000 Database Security Checklist (Version 8 Release 1.7) Microsoft SQL Server 2000
Defense Information Systems Agency
04/15/2019 Prose - SQL Server 2000 Database Security Checklist - Version 8 Release 1.7
SQL Server 7 Database Security Checklist (Version 8 Release 1.7) Microsoft SQL Server 7.0
Defense Information Systems Agency
04/15/2019 Prose - SQL Server 7 Database Security Checklist - Version 8 Release 1.7
Citrix XenApp STIG (Version 1, Release 1.4) Citrix Presentation Server
Citrix XenApp 5.0
Citrix XenApp Server 4.5
Defense Information Systems Agency
09/12/2019 Prose - Sunset - Citrix XenApp STIG - Ver 1, Rel 1.4
Microsoft Office 2007 Overview (Version 4, Release 14) Microsoft Access 2007
Microsoft Excel 2007
Microsoft Infopath 2007
Microsoft Office 2007
Microsoft Outlook 2007
Microsoft PowerPoint 2007
Microsoft Visio 2007
Microsoft Word 2007
Defense Information Systems Agency
09/11/2019 Prose - Sunset - Microsoft Office 2007 Overview - Ver 4, Rel 14
Database Security Checklist for MS SQL Server 2005 (Ver 8, Rel 1.9) Microsoft SQL Server 2000
Microsoft SQL Server 2005
Microsoft SQL Server 7.0
Defense Information Systems Agency
09/11/2019 Prose - Sunset - Microsoft SQL Server 2005 STIG - Ver 8, Rel 1.9
Oracle 9 STIG (Version 8 Release 1.8) Oracle Database 9i
Oracle Database Server 9.2
Defense Information Systems Agency
09/11/2019 Prose - Sunset - Oracle 9 Database STIG - Ver 8, Rel 1.8
Symantec Endpoint Protection 12.1 Overview (Version 1, Release 1) Symantec Endpoint Protection 12.1
Defense Information Systems Agency
09/11/2019 Prose - Sunset - Symantec Endpoint Protection 12.1 Overview - Ver 1, Rel 1
Unisys STIG Checklist (Version 7 Release 2) Unisys 2200 6.1
Unisys 2200 8.1
Defense Information Systems Agency
04/15/2019 Prose - Unisys Checklist - Version 7, Release 2.
Prose - Unisys STIG - Version 7, Release 2
* This checklist is still undergoing review for inclusion into the NCP.