PCI DSS: Detection, Assurance, and Management

Focused View

John Elliott

3:34:07

98 View

Module 1 - Course Overview

1. Course Overview.mp4

01:55

Module 2 - Requirement 10

1. Navigating the PCI DSS Standards.mp4

04:37

2. Requirement 10.1.mp4

01:57

3. Requirement 10.2.mp4

03:21

4. Requirement 10.3.mp4

00:54

5. Requirement 10.4.mp4

03:00

6. Requirement 10.5.mp4

03:22

7. Requirement 10.6.mp4

03:48

8. Requirement 10.7.mp4

00:58

9. Requirement 10.8.mp4

04:15

10. Requirement 10.9.mp4

01:18

11. How, What, and Why Logging_.mp4

04:16

12. Outsourcing and Responding to Alerts.mp4

01:38

13. Common Problems and Cloud Environments.mp4

01:59

14. Frequency of Log Reviews and Analysis.mp4

02:57

15. Synchronising Time and Cloud Considerations.mp4

03:59

16. Assessment Failures and Good Practice.mp4

08:00

Module 3 - Requirement 11

1. Requirement 11.1.mp4

03:39

2. Requirement 11.2.mp4

07:00

3. Requirement 11.4.mp4

02:33

4. Requirement 11.5.mp4

02:07

5. Requirement 11.6.mp4

00:56

6. The Practicalities of Wireless Scanning.mp4

03:35

7. Vulnerability Scanning_ Common Problems and Practical Tips.mp4

07:23

8. Significant Changes, Cloud Environments, and Missed Scans.mp4

04:38

9. Assessing Intruder Detection and File Integrity Monitoring.mp4

07:34

Module 4 - Requirement 11.3

1. Requirement 11.3.mp4

05:46

2. Scoping the Three Different Types of Test.mp4

03:58

3. Penetration Testing_ Methodologies and Procurement.mp4

10:23

4. Assessing External, Internal, and Segmentation Penetration Tests.mp4

12:08

5. Testing Segmentation and Validating Scope.mp4

05:17

Module 5 - Requirement 12

1. Requirement 12.1.mp4

03:44

2. Requirement 12.2.mp4

02:08

3. Requirement 12.3.mp4

06:27

4. Requirement 12.4.mp4

02:48

5. Requirement 12.5.mp4

01:59

6. Requirement 12.6.mp4

02:18

7. Requirement 12.7.mp4

02:03

8. Assessing Policies and the Risk Assessment.mp4

03:55

9. Assessing Critical User Technologies and Responsibilities.mp4

05:16

10. Defined Roles, Security Awareness, and Screening.mp4

06:32

11. Second Year Assessments and Causes of Data Breaches.mp4

02:12

Module 6 - Requirement 12

1. Requirement 12.8.mp4

10:31

2. Requirement 12.9.mp4

00:58

3. Assessing the Compliance of Service Providers.mp4

10:21

4. Card Brand Listing of Service Providers.mp4

01:51

5. The Service Providers Obligations.mp4

01:47

Module 7 - Requirement 12

1. Requirement 12.10.mp4

06:22

2. Non-generic Plans and Incident Preparation.mp4

07:53

3. Requirement 12.11.mp4

02:59

4. Service Providers BAU Compliance.mp4

02:52

Description

Requirements 10, 11, & 12 of PCI DSS version 3.2.1 are to monitor & test networks, and to maintain an information security policy. Understand what each requirement asks for and discover practical guidance from experienced PCI assessors.

What You'll Learn?

The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they'll be assessed. In this course, PCI DSS: Detection, Assurance, and Management, you’ll learn how to interpret PCI DSS requirements 10, 11, & 12, and apply them to your network. First, you’ll learn the how PCI DSS wants access to network resources and cardholder data to be tracked and monitored. Next, you’ll explore the requirement to regularly test security systems and processes. You’ll also see the final requirement in PCI DSS which is to maintain a policy that addresses information security for all personnel. Finally, you’ll discover practical insights about all three requirements from experienced PCI assessors. When you’ve finished with this course you'll have the skills and knowledge to apply PCI DSS requirements 3, 4, 5, & 6 to an organization’s environment and to determine whether they are compliant with the demands of the standard.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Cyber Security

Network Security

Information Security

John Elliott

Instructor's Courses

John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI Security Standards Council, and contributed to many of the PCI standards including PCI DSS v4. He has LLM in Information Rights Law, holds the expected information security certificates (CISSP, CISA , CRISC, CDPSE) and is a Fellow of the British Computer Society - the Chartered Institute for IT.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.