National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70 Rev. 2, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications. NCP is migrating its repository of checklists to conform to the Security Content Automation Protocol (SCAP). SCAP enables standards based security tools to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.

Search for Checklist using the fields below. The keyword search will search across the name, and summary.

Checklist Results
Tier Target Product Product Category Authority Publication Date Checklist Name (Version) Resources
IV
  • Microsoft Internet Explorer 7
  • Web Browser
  • Technology Infrastructure Subcommittee (TIS)
 06/19/2008 USGCB Internet Explorer 7 (2.0.x.0)
IV
  • Microsoft Internet Explorer 8
  • Web Browser
  • Technology Infrastructure Subcommittee (TIS)
 09/24/2010 USGCB Internet Explorer 8 (1.2.x.0)
IV
  • Microsoft Windows 7
  • Microsoft Windows 7 x86 (32-bit)
  • Microsoft Windows 7 x64 (64-bit)
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
 09/24/2010 USGCB Windows 7 (1.2.x.0)
IV
  • Microsoft Windows 7
  • Microsoft Windows 7 32-bit (X86)
  • Microsoft Windows 7 64-bit (X64)
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
 09/24/2010 USGCB Windows 7 Firewall (1.2.x.0)
IV
  • Microsoft Windows Vista
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
 06/19/2008 USGCB Windows Vista Firewall (2.0.x.0)
IV
  • Microsoft Windows Vista
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
 06/19/2008 USGCB Windows Vista (2.0.x.0)
IV
  • Microsoft Windows XP Pro Service Pack 3
  • Microsoft Windows XP Pro Service Pack 2
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
 06/19/2008 USGCB Windows XP Firewall (2.0.x.0)
IV
  • Microsoft Windows XP Pro SP2
  • Microsoft Windows XP Service Pack 3
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
 06/19/2008 USGCB Windows XP (2.0.x.0)
IV
  • Red Hat Enterprise Linux 5
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
 02/28/2011 USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop (1.0.5.0)
III*
  • Adobe Acrobat Reader
  • Desktop Application
  • National Security Agency
 09/29/2011 Adobe Acrobat Reader X Secure Configuration Benchmark (10.1.1)
III
  • HP HP-UX 11.23
  • Operating System
  • Defense Information Systems Agency
 06/04/2012 HP-UX 11.23 STIG (Version 1, Release 2)
III
  • HP HP-UX 11.31
  • Operating System
  • Defense Information Systems Agency
 06/04/2012 HP-UX 11.31 STIG (Version 1, Release 2)
III
  • IBM AIX 5.3
  • Operating System
  • Defense Information Systems Agency
 08/23/2012 AIX 5.3 STIG (Version 1, Release 2)
III
  • IBM AIX 6.1
  • Operating System
  • Defense Information Systems Agency
 06/03/2012 AIX 6.1 STIG (Version 1, Release 2)
III
  • IBM Tivoli Identity Manager 4.6
  • Identity Management
  • National Security Agency
  • MITRE
 06/15/2011 IBM Tivoli Identity Manager Security Guide (4.6)
III
  • Microsoft .NET Framework 4.0
  • Application Server
  • Defense Information Systems Agency
 08/10/2012 Microsoft .NET Framework 4 (Version 1, Release 1)
III
  • Microsoft Outlook 2007
  • Microsoft Word 2007
  • Microsoft Office 2007
  • Microsoft Access 2007
  • Microsoft Excel 2007
  • Microsoft Infopath 2007
  • Microsoft PowerPoint 2007
  • Microsoft Visio 2007
  • Desktop Application
  • Office Suite
  • Defense Information Systems Agency
 12/03/2009 Microsoft Office 2007 STIG (Version 4, Release 1)
III*
  • Microsoft Windows Vista
  • Microsoft Internet Explorer
  • Web Browser
  • Operating System
  • Defense Information Systems Agency
 08/27/2010 Microsoft Windows Vista Security Checklist (Version 6 Release 1.19)
III
  • Microsoft Windows Defender
  • Microsoft Internet Explorer
  • Microsoft Windows Mail
  • Microsoft Windows Media Player
  • Microsoft Windows Server 2008
  • Desktop Application
  • Malware
  • Web Browser
  • Operating System
  • Defense Information Systems Agency
 04/29/2011 Windows Server 2008 STIG (Version 6, Release 1.21)
III
  • Microsoft Windows Vista
  • Microsoft Internet Explorer
  • Web Browser
  • Operating System
  • Defense Information Systems Agency
 07/27/2012 Microsoft Windows Vista STIG (Version 6 Release 1.29)
* This checklist is still undergoing review for inclusion into the NCP at this tier ranking.