PCI DSS: Securing Data, Systems, and Applications

Focused View

John Elliott

3:16:09

35 View

01 - Course Overview

01 - Course Overview.mp4

01:48

02 - Requirement 3 - Storage of Cardholder Data

02 - Navigating the PCI DSS Standards.mp4

04:37

03 - Requirement 3.1.mp4

02:57

04 - Requirement 3.2.mp4

05:23

05 - Requirement 3.3.mp4

02:29

06 - Requirement 3.4.mp4

07:57

07 - Requirement 3.5.mp4

06:24

08 - Requirement 3.6.mp4

10:42

09 - Requirement 3.7.mp4

00:58

10 - Why Do People Store Cardholder Data.mp4

01:55

11 - Retention Periods and Data Deletion.mp4

02:32

12 - Storing Sensitive Authentication Data.mp4

01:01

13 - Masking and Truncation of Cardholder Data .mp4

05:08

14 - Data Compromises Involving Stored Data.mp4

03:37

15 - Compensating Controls for Requirements 3.1 to 3.3.mp4

01:23

16 - Protecting Stored PANs Truncation & Tokenization.mp4

12:07

17 - Encrypting Cardholder Data .mp4

10:54

18 - Cryptography, Breaches and the Problems with Full Disk Encryption .mp4

04:32

03 - Requirement 4 - Encryption of Transmitted Cardholder Data

19 - Requirement 4.1.mp4

05:01

20 - Requirement 4.2.mp4

01:47

21 - Requirement 4.3.mp4

00:41

22 - Using TLS Correctly.mp4

09:58

23 - Encryption on Internal Networks .mp4

01:48

04 - Requirement 5 - Anti-virus and Anti-malware

24 - Requirement 5.1.mp4

06:08

25 - Requirement 5.2.mp4

01:03

26 - Requirement 5.3.mp4

01:38

27 - Requirement 5.4.mp4

00:50

28 - Anti-virus and Anti-malware Software.mp4

10:23

05 - Requirement 6 - Vulnerability Management

29 - Requirement 6.1.mp4

04:38

30 - Requirement 6.2.mp4

01:25

31 - Vulnerability Management.mp4

11:32

06 - Requirement 6 Continued - Change Control in the CDE

32 - Requirement 6.4.mp4

13:22

33 - Managing Change in Business-as-usual.mp4

07:42

07 - Requirement 6 Continued - Security in Software Development

34 - Requirement 6.3.mp4

06:05

35 - Requirement 6.5.mp4

07:36

36 - Requirement 6.6.mp4

02:27

37 - Requirement 6.7.mp4

00:39

38 - Secure Software Development and Code Reviews.mp4

07:42

39 - Secure Coding and Developer Training.mp4

03:33

40 - Web Facing Applications.mp4

03:47

Description

Requirements 3 to 6 of PCI DSS version 3.2.1 are to protect cardholder data and maintain a vulnerability management program. You'll understand what each requirement asks for and discover practical guidance from experienced PCI assessors.

What You'll Learn?

The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they will be assessed. In this course, PCI DSS: Securing Data, Systems, and Applications, you’ll learn how to interpret PCI DSS requirements 3 through 6 and apply them to your organization. First, you’ll learn how PCI DSS wants stored cardholder data to be protected. Next, you’ll explore the requirement to encrypt cardholder data in transit and the requirement to protect systems against malware. Then, you’ll take a look at the largest requirement in PCI DSS which is to develop and maintain secure systems and applications. Finally, you’ll discover practical insights about all four requirements from experienced PCI assessors. When you’ve finished with this course, you'll have the skills and knowledge to apply PCI DSS requirements 3 through 6 to an organization’s environment and to determine whether it is compliant with the demands of the standard.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

CISSP - Certified Information Systems Security Professional

Cyber Security

Network Security

Information Security

Cyber Security Awareness

John Elliott

Instructor's Courses

John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI Security Standards Council, and contributed to many of the PCI standards including PCI DSS v4. He has LLM in Information Rights Law, holds the expected information security certificates (CISSP, CISA , CRISC, CDPSE) and is a Fellow of the British Computer Society - the Chartered Institute for IT.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.