Fundamentals of PCI-DSS v4.0.0
Learn everything about the Payment Card Industry Data Security Standards, including assessment and the 12 requirements.
4.69 (1681 reviews)

Students: 10,307
Content: 19 hours
Last update: Oct 2024
Regular price: $84.99
What you will learn
You'll learn about the terminology essential to the PCI-DSS, such as CDE, CHD, SAD, PANs, SAQs, ROCs, QSAs, as well as other payment industry terms
You'll learn about the history of the PCI-DSS and its major revisions
You'll learn about how the assessment process works, with ROCs and SAQs, and a clarification of the 8 types of SAQs
You'll learn everything about Requirement 1, involving having a firewall configuration to isolate your card data, network documentation and more
You'll learn everything about Requirement 2, including changing vendor defaults, isolating server functionality and securing vulnerabilities in devices
You'll learn everything about Requirement 3 in terms of securing stored data, including encryption protocols, key lifecycle, key management and more
You'll learn everything about Requirement 4, protecting data in transit, including masking plaintext PANs and using strong encryption protocols such as WPA/WPA2
You'll learn everything about Requirement 5, in terms of preventing malware through an antivirus solution that is frequently updated and frequently runs scans
You'll learn everything about Requirement 6, in terms of developing securely, doing regular vulnerability assessment and patching
You'll learn everything about Requirement 7, in terms of limiting access to card data by "need-to-know", minimising who accesses it formally
You'll learn everything about Requirement 8, in terms of identifying access through unique user IDs, strong authentication and MFA, password practices and more
You'll learn everything about Requirement 9, in terms of physical security, visitor identification/authorisation, as well as media storage/transport/destruction
You'll learn everything about Requirement 10, in terms of having a logging solution, logging specific required events, specific data points, and log integrity
You'll learn everything about Requirement 11, in terms of doing regular AP (authorised + rogue) and IP audits, vulnerability testing, pentesting, etc.
You'll learn everything about Requirement 12, in terms of having a company-wide InfoSec policy, including employee screening, third-party screening, etc.
Udemy ID: 4384822
Course created date: 11/6/2021
Course indexed date: 11/15/2021
Course submitted by: Bot