National Checklist Program Repository

The National Checklist Program (NCP), defined by the NIST SP 800-70 Rev. 2, is the U.S. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications. NCP is migrating its repository of checklists to conform to the Security Content Automation Protocol (SCAP). SCAP enables standards based security tools to automatically perform configuration checking using NCP checklists. For more information relating to the NCP please visit the information page or the glossary of terms.

Search for Checklist using the fields below. The keyword search will search across the name, and summary.

Checklist Results
Tier Target Product Product Category Authority Publication Date Checklist Name (Version) Resources
IV
  • Microsoft Internet Explorer 7
  • Web Browser
  • Technology Infrastructure Subcommittee (TIS)
06/19/2008 USGCB Internet Explorer 7 (2.0.x.0)
IV
  • Microsoft Internet Explorer 8
  • Web Browser
  • Technology Infrastructure Subcommittee (TIS)
09/24/2010 USGCB Internet Explorer 8 (1.2.x.0)
IV
  • Microsoft Windows 7
  • Microsoft Windows 7 32-bit (X86)
  • Microsoft Windows 7 64-bit (X64)
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
09/24/2010 USGCB Windows 7 (1.2.x.0)
IV
  • Microsoft Windows 7
  • Microsoft Windows 7 32-bit (X86)
  • Microsoft Windows 7 64-bit (X64)
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
09/24/2010 USGCB Windows 7 Firewall (1.2.x.0)
IV
  • Microsoft Windows Vista
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
06/19/2008 USGCB Windows Vista (2.0.x.0)
IV
  • Microsoft Windows Vista
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
06/19/2008 USGCB Windows Vista Firewall (2.0.x.0)
IV
  • Microsoft Windows XP Pro Service Pack 3
  • Microsoft Windows XP Pro Service Pack 2
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
06/19/2008 USGCB Windows XP Firewall (2.0.x.0)
IV
  • Microsoft Windows XP Pro SP2
  • Microsoft Windows XP Service Pack 3
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
06/19/2008 USGCB Windows XP (2.0.x.0)
IV
  • Red Hat Enterprise Linux 5
  • Operating System
  • Technology Infrastructure Subcommittee (TIS)
02/28/2011 USGCB Red Hat Enterprise Linux (RHEL) 5 Desktop (1.0.5.0)
III*
  • Adobe Acrobat Reader
  • Desktop Application
  • National Security Agency
09/29/2011 Adobe Acrobat Reader X Secure Configuration Benchmark (10.1.1)
III*
  • HP HP-UX 11.31
  • Operating System
  • Defense Information Systems Agency
06/04/2012 HP-UX 11.31 STIGS Benchmark (Version 1, Release 0.6)
III*
  • IBM AIX 6.1
  • Operating System
  • Defense Information Systems Agency
06/03/2012 AIX 6.1 STIG Benchmark (Version 1, Release 0.6)
III
  • IBM Tivoli Identity Manager 4.6
  • Identity Management
  • National Security Agency
  • MITRE
06/15/2011 IBM Tivoli Identity Manager Security Guide (4.6)
III
  • Microsoft Outlook 2007
  • Microsoft Word 2007
  • Microsoft Office 2007
  • Microsoft Access 2007
  • Microsoft Excel 2007
  • Microsoft Infopath 2007
  • Microsoft PowerPoint 2007
  • Microsoft Visio 2007
  • Desktop Application
  • Office Suite
  • Defense Information Systems Agency
12/03/2009 Microsoft Office 2007 STIG (Version 4, Release 1)
III*
  • Microsoft Windows Vista
  • Microsoft Internet Explorer
  • Web Browser
  • Operating System
  • Defense Information Systems Agency
08/27/2010 Microsoft Windows Vista Security Checklist (Version 6 Release 1.19)
III*
  • Microsoft Windows Defender
  • Microsoft Internet Explorer
  • Microsoft Windows Mail
  • Microsoft Windows Media Player
  • Microsoft Windows Server 2008
  • Desktop Application
  • Malware
  • Web Browser
  • Operating System
  • Defense Information Systems Agency
04/29/2011 Windows Server 2008 STIG (Version 6, Release 1.19)
III*
  • Microsoft Windows Vista
  • Microsoft Internet Explorer
  • Web Browser
  • Operating System
  • Defense Information Systems Agency
07/27/2012 Microsoft Windows Vista STIG (Version 6 Release 1.26)
III*
  • Microsoft Internet Explorer 8
  • Web Browser
  • Defense Information Systems Agency
07/27/2012 Internet Explorer 8 STIG (Version 1, Release 7)
III*
  • Microsoft Internet Explorer 9
  • Web Browser
  • Defense Information Systems Agency
07/27/2012 Internet Explorer 9 STIG (Version 1, Release 3)
III
  • Microsoft Office SharePoint Server 2007
  • Enterprise Application
  • National Security Agency
  • MITRE
06/15/2011 SharePoint Server 2007 Security Guide (1.0)
* This checklist is still undergoing review for inclusion into the NCP at this tier ranking.