PCI DSS: Restricting Access to Cardholder Data

سرفصل های دوره

Requirements 7, 8 & 9 of PCI DSS version 3.2.1 are to Implement Strong Access Control Measures for logical and physical cardholder data. You'll understand what each requirement asks for and discover practical guidance from experienced PCI assessors.

1 - Course Overview

1. Course Overview

2 - Requirement 7

1. Navigating the PCI DSS Standards

2. Requirement 7.1

3. Requirement 7.2

4. Requirement 7.3

5. Strategies for Success with Requirement 7

6. Where Requirement 7 Goes Wrong

7. What Is an Access Control System_

8. The Second QSA Assessment, Compromises, and Compensating Controls

3 - Requirement 8

1. Requirement 8.1

2. Requirement 8.2

3. Requirement 8.3

4. Requirement 8.4

5. Requirement 8.5

6. Requirement 8.6

7. Requirement 8.7

8. Requirement 8.8

9. Understanding the User Life Cycle and Service Accounts

10. Passwords and Password Managers

11. Multi-factor Authentication and Jump Hosts

12. SSH Keys and MFA

13. Typical Identification and Authentication Failures

14. Database Access Restrictions (Requirement 8.7)

15. Assessment Failures, Crummy MFA, and Data Compromises

4 - Requirement 9

1. Requirement 9.1

2. Requirement 9.2

3. Requirement 9.3

4. Requirement 9.4

5. Requirement 9.5

6. Requirement 9.6

7. Requirement 9.7

8. Requirement 9.8

9. Why QSAs Fixate on Physical Requirements

10. The Labelling Media Myth

11. CCTV, Legal Constraints, and Outsourced Data Centers

12. Physical Security & Data Breaches, and Assessments

5 - Requirement 9.9

1. Requirement 9.9

2. Requirement 9.10

3. The Scope and Challenges of Requirement 9.9

4. Risk, Tethering, and Defining Periodic for Different Types of Merchants

5. Managing Access to Cardholder Data

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight