Fundamentals of PCI-DSS v4.0.0

Learn everything about the Payment Card Industry Data Security Standards, including assessment and the 12 requirements.



Sub Category

  • Network & Security

Objectives

  • You'll learn about the terminology essential to the PCI-DSS, such as CDE, CHD, SAD, PANs, SAQs, ROCs, QSAs, as well as other payment industry terms
  • You'll learn about the history of the PCI-DSS and its major revisions
  • You'll learn about how the assessment process works, with ROCs and SAQs, and a clarification of the 8 types of SAQs
  • You'll learn everything about Requirement 1, which involves having a firewall configuration to isolate your card data, network documentation and more
  • You'll learn everything about Requirement 2, including changing vendor defaults, isolating server functionality and securing vulnerabilities in devices
  • You'll learn everything about Requirement 3 in terms of securing stored data, including encryption protocols, key lifecycle, key management and more
  • You'll learn everything about Requirement 4, protecting data in transit, including masking plaintext PANs and using strong encryption protocols such as WPA/WPA2
  • You'll learn everything about Requirement 5, in terms of preventing malware through an antivirus solution that is frequently updated and frequently runs scans
  • You'll learn everything about Requirement 6, in terms of developing securely, doing regular vulnerability assessment and patching
  • You'll learn everything about Requirement 7, in terms of limiting access to card data by "need-to-know", minimising who accesses it formally
  • You'll learn everything about Requirement 8, in terms of identifying access through unique user IDs, strong authentication and MFA, password practices and more
  • You'll learn everything about Requirement 9, in terms of physical security, visitor identification/authorisation, as well as media storage/transport/destruction
  • You'll learn everything about Requirement 10, in terms of having a logging solution, logging specific required events, specific data points, and log integrity
  • You'll learn everything about Requirement 11, in terms of doing regular AP (authorised + rogue) and IP audits, vulnerability testing, pentesting, etc
  • You'll learn everything about Requirement 12, in terms of having a company-wide InfoSec policy, including employee screening, third-party screening, etc


Prerequisites

  1. You don't need any prior knowledge (knowledge of the payment industry or InfoSec helps, but is NOT required)


FAQ

  • Q. How long do I have access to the course materials?
    • A. You can view and review the lecture materials indefinitely, like an on-demand channel.
  • Q. Can I take my courses with me wherever I go?
    • A. Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don't have an internet connection, some instructors also let their students download course lectures. That's up to the instructor though, so make sure you get on their good side!


