Working with the PCI DSS 4.0 Compliance Requirements
Focused View
Laura Louthan
2:44:38
90 View
01 - Introduction to PCI 4.0.mp4
00:38
02 - What you should know as background for this course.mp4
02:01
03 - How this course is designed to help you learn.mp4
04:11
01 - Network security Creating strong network security controls.mp4
03:58
02 - Network security Controlling traffic appropriately.mp4
04:45
01 - Secure configurations Building hardening standards.mp4
06:27
01 - Stored PANs Which data can you store and how.mp4
09:00
02 - Cryptographic controls for stored PAN data.mp4
04:05
03 - Key management policies and procedures.mp4
04:05
01 - Safely sending PAN data using strong cryptography.mp4
05:02
01 - Anti-malware options and anti-phishing.mp4
07:20
01 - Secure development.mp4
04:12
02 - Security vulnerabilities and protecting public sites.mp4
04:59
03 - Change management requirements.mp4
06:10
01 - Designing access controls.mp4
06:01
02 - Access control systems.mp4
02:16
01 - Basic user ID requirements.mp4
06:26
02 - Strong authentication for PCI.mp4
07:46
03 - Multifactor authentication requirements.mp4
04:13
04 - System and application account requirements.mp4
02:35
01 - Managing physical access.mp4
05:59
02 - Managing physical media.mp4
04:55
03 - Managing physical payment devices.mp4
03:00
01 - Collecting audit logs.mp4
05:06
02 - Reviewing audit logs.mp4
03:03
03 - Time synchronization for logs.mp4
02:04
04 - Critical security control failures.mp4
03:12
01 - Protecting wireless access points.mp4
02:01
02 - Vulnerability scanning.mp4
05:06
03 - Penetration testing.mp4
05:41
04 - Network intrusions and unexpected file changes.mp4
03:16
01 - Information security policy and acceptable use.mp4
03:13
02 - Risk management and tracking PCI compliance.mp4
05:59
03 - Tracking PCI scope, maintaining awareness, and screening.mp4
05:58
04 - Third-party service provider risks.mp4
03:52
05 - Incident response.mp4
03:47
01 - Next steps to meet PCI 4.0.mp4
02:16
Description
If you have a business, organization, or entity of any kind that processes, transmits, or stores cardholder data, you need to meet PCI Data Security Standards. In this course, Laura Louthan covers what you need to know to be in compliance and work with PCI DSS—the Payment Card Industry Data Security Standard, focusing specifically on the newest control version 4.0. Laura dives into the 12 main PCI requirements, their child controls (totaling over 300), and how to meet the intent of each control as you work toward full compliance. Whether you’re a merchant, payment processor, data center, or any other business that needs to ensure the security of cardholder data, follow along with Laura’s advice on installing and maintaining security controls; configuring components; protecting data, systems, and networks; securing systems and software; controlling, authenticating, and restricting access; logging and monitoring access; security testing; risk management; and more.
More details
User Reviews
Rating
average 0
Focused display
Laura Louthan
Instructor's CoursesExperienced Information Security and IT Leader Delivering Enterprise Security and Compliance Solutions for Global Corporations
With more than 15 years’ experience in IT architecture and data management, I have had the opportunity over the past five years to direct information security and compliance initiatives for global corporations. Managing risk while improving security in complex international environments has provided the opportunity for me to implement fully IT solutions in support of business objectives while maintaining a competitive edge.
■ IT Security Compliance
Provided secure network design, established policies and standards enterprise-wide, collaborated with IT across multiple business units to build compliant and secure environment, and brought legacy systems into compliance by identifying various options that minimized impact to the business and controlled costs.
■ Audit and Assessment
As a PCI-certified Internal Security Assessor (ISA), ensured PCI Compliance assessments and subsequent documentation for multiple assessment environments, including highly complex situations that previously were not thoroughly reviewed. Based on ISA requirements, implemented various security improvements in assessment years. Qualified as an ISACA CISA in 2021.
■ Contract and Agreement Negotiation
Oversaw contracts and questionnaires group, handling the review of all security wording in external facing contracts for both customers and suppliers. Brought insourced employees onboard to perform Tier 1 review and redline bilingually, improving and creating metrics, formulating SLAs and building efficiencies in process and institutional sharing of knowledge.
■ Specialty Skills
:: Information Security
:: Cloud Security
:: PCI Compliance and Readiness
:: ISO 27001 Implementation and Maintenance
:: Security Risk Management
:: Regulatory Compliance (HIPAA)
:: Infrastructure Operations
:: Strategic Planning
:: Security Compliance Frameworks (SOC, NIST)
:: Program and Project Management
:: Third Party Risk Management
Linkedin Learning
View courses Linkedin LearningLinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications.
It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.
- language english
- Training sessions 37
- duration 2:44:38
- English subtitles has
- Release Date 2023/07/02
