Working with the PCI DSS 4.0 Compliance Requirements

سرفصل های دوره

If you have a business, organization, or entity of any kind that processes, transmits, or stores cardholder data, you need to meet PCI Data Security Standards. In this course, Laura Louthan covers what you need to know to be in compliance and work with PCI DSS—the Payment Card Industry Data Security Standard, focusing specifically on the newest control version 4.0. Laura dives into the 12 main PCI requirements, their child controls (totaling over 300), and how to meet the intent of each control as you work toward full compliance. Whether you’re a merchant, payment processor, data center, or any other business that needs to ensure the security of cardholder data, follow along with Laura’s advice on installing and maintaining security controls; configuring components; protecting data, systems, and networks; securing systems and software; controlling, authenticating, and restricting access; logging and monitoring access; security testing; risk management; and more.

01 - Introduction

01 - Introduction to PCI 4.0

02 - What you should know as background for this course

03 - How this course is designed to help you learn

02 - 1. Requirement 1 Install and Maintain Network Security Controls

01 - Network security Creating strong network security controls

02 - Network security Controlling traffic appropriately

03 - 2. Requirement 2 Apply Secure Configurations to All System Components

01 - Secure configurations Building hardening standards

04 - 3. Requirement 3 Protect Stored Account Data

01 - Stored PANs Which data can you store and how

02 - Cryptographic controls for stored PAN data

03 - Key management policies and procedures

05 - 4. NAME ADJUSTMENT NEEDED

01 - Safely sending PAN data using strong cryptography

06 - 5. Requirement 5 Protect All Systems and Networks from Malicious Software

01 - Anti-malware options and anti-phishing

07 - 6. Requirement 6 Develop and Maintain Secure Systems and Software

01 - Secure development

02 - Security vulnerabilities and protecting public sites

03 - Change management requirements

08 - 7. Requirement 7 Restrict Access to System Components and Cardholder Data by Business Need to Know

01 - Designing access controls

02 - Access control systems

09 - 8. Requirement 8 Identify Users and Authenticate Access to System Components

01 - Basic user ID requirements

02 - Strong authentication for PCI

03 - Multifactor authentication requirements

04 - System and application account requirements

10 - 9. Requirement 9 Restrict Physical Access to Cardholder Data

01 - Managing physical access

02 - Managing physical media

03 - Managing physical payment devices

11 - 10. Requirement 10 Log and Monitor All Access to System Components and Cardholder Data

01 - Collecting audit logs

02 - Reviewing audit logs

03 - Time synchronization for logs

04 - Critical security control failures

12 - 11. Requirement 11 Test the Security of Systems and Networks Regularly

01 - Protecting wireless access points

02 - Vulnerability scanning

03 - Penetration testing

04 - Network intrusions and unexpected file changes

13 - 12. Requirement 12 Support Information Security with Organizational Policies and Programs

01 - Information security policy and acceptable use

02 - Risk management and tracking PCI compliance

03 - Tracking PCI scope, maintaining awareness, and screening

04 - Third-party service provider risks

05 - Incident response

14 - Conclusion

01 - Next steps to meet PCI 4.0

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)