Description
The Payment Card Industry (PCI) Data Security Standard (DSS) applies to every entity or organization that stores, processes, or transmits cardholder data. In this course, you will learn about the standard in detail and all its requirement.Along with that you will learn about various terminologies which are required to understand PCI DSS Compliance.
You will learn PCI DSS is STANDARD OR REGULATION ( No of Candidates have confusion around the same)
This course provides essential knowledge so that one can understand the Payment Card Industry Data Security Standard (PCI DSS). It will providing additional insight into both the standard and the compliance process.
You will learn intention of each of the 12 PCI DSS requirements and how these requirements will be accessed by a Qualified Security Assessor (QSA) to share information about the compliance readiness
For easy understanding complete course is divided in 10 Sections and topics covered in respective sections are defined as follows:
In Section 1 following topics are covered
Background – PCI DSS Standard
History – PCI DSS Standard
What do mean by PCI DSS
Why you should get PCI Compliant
Confusion around PCI DSS
In Section 2 following topics are covered wherein most common terminologies used in PCI DSS are covered.
What do Merchants, Provider or Issuers Mean ?
What is a Qualified Security Assessor (QSA)?
Who is ISA (Internal Security Assessor) ?
What is (SAQ) Self-Assessment Questionnaire ?
What is (AOC ) Attestation of Compliance ?
What is (RoC) Report on Compliance ?
In Section 3 following topics are covered wherein concepts like PCI DSS Scope and Its Requirements are covered in detail
How Card transaction work (Explained in 8 Steps)
PCI DSS Applicability
Systems In Scope of PCI DSS
6 Goals and 12 requirements
Imp- Structure of PCI DSS Standard
In Section 4 is about Goal 1 (Build and Maintain a Secure Network) wherein underlying Requirements are covered in detail
Req 1: Install and maintain a firewall configuration to protect cardholder data
Req 2: Don’t use vendor-supplied defaults for system passwords
In Section 5 is about Goal 2 (Protect Card Holder data) wherein underlying Requirements are covered in detail
Req 3: Protect stored cardholder data
Req 4 : Encrypt transmission of cardholder data across open, public networks
In Section 6 is about Goal 3 (Maintain a Vulnerability Management Program) wherein underlying Requirements are covered in detail
Req-5: Use and regularly update antivirus software or programs
Req-6 : Develop and maintain secure systems and applications
In Section 7 is about Goal 4 (Implement Strong Access Control Measures) wherein underlying Requirements are covered in detail
Req-7 : Restrict access to cardholder data by business need to know
Req-8 : Assign a unique ID to each person with computer access
Req-9 : Restrict physical access to cardholder data
In Section 8 is about Goal 5 (Goal-5 : Regularly Monitor and Test Networks) wherein underlying Requirements are covered in detail
Req-10 : Track and monitor all access to network resources and cardholder data
Req-11 : Regularly test security systems and processes
In Section 9 is about Goal 6 (Goal-6 : Maintain an Information Security Policy) wherein underlying Requirements are covered in detail
Req-12 : Maintain a policy that addresses information security for all personnel
In Section 10 we have covered following topics which helps you to understand as how Verification of PCI Compliance can be done
Levels of PCI Compliance/Merchant Levels
Scanning by ASV (APPROVED SCANNING VENDOR)
Verifying Compliance with PCI
Validating a Requirement is in Place
Meeting the reporting requirement of PCI DSS
Who this course is for:
Internal Auditors
IT Professionals
Cyber Security Managers
Engineers, Architects, Compliance officers
Professionals working in organizations where PCI-DSS applies
Requirements
Previous experience in IT
Zeal to Learn
Last Updated 2/2021
