PCI DSS: Detection, Assurance, and Management
Requirements 10, 11, & 12 of PCI DSS version 3.2.1 are to monitor & test networks, and to maintain an information security policy. Understand what each requirement asks for and discover practical guidance from experienced PCI assessors.
What you'll learn
The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they'll be assessed. In this course, PCI DSS: Detection, Assurance, and Management, you’ll learn how to interpret PCI DSS requirements 10, 11, & 12, and apply them to your network. First, you’ll learn the how PCI DSS wants access to network resources and cardholder data to be tracked and monitored. Next, you’ll explore the requirement to regularly test security systems and processes. You’ll also see the final requirement in PCI DSS which is to maintain a policy that addresses information security for all personnel. Finally, you’ll discover practical insights about all three requirements from experienced PCI assessors. When you’ve finished with this course you'll have the skills and knowledge to apply PCI DSS requirements 3, 4, 5, & 6 to an organization’s environment and to determine whether they are compliant with the demands of the standard.
Table of contents
- Navigating the PCI DSS Standards 6m
- Requirement 10.1 2m
- Requirement 10.2 3m
- Requirement 10.3 1m
- Requirement 10.4 3m
- Requirement 10.5 3m
- Requirement 10.6 4m
- Requirement 10.7 1m
- Requirement 10.8 4m
- Requirement 10.9 1m
- How, What, and Why Logging? 4m
- Outsourcing and Responding to Alerts 2m
- Common Problems and Cloud Environments 2m
- Frequency of Log Reviews and Analysis 3m
- Synchronising Time and Cloud Considerations 4m
- Assessment Failures and Good Practice 8m
- Requirement 11.1 4m
- Requirement 11.2 7m
- Requirement 11.4 3m
- Requirement 11.5 2m
- Requirement 11.6 1m
- The Practicalities of Wireless Scanning 4m
- Vulnerability Scanning: Common Problems and Practical Tips 7m
- Significant Changes, Cloud Environments, and Missed Scans 5m
- Assessing Intruder Detection and File Integrity Monitoring 8m
- Requirement 12.1 4m
- Requirement 12.2 2m
- Requirement 12.3 6m
- Requirement 12.4 3m
- Requirement 12.5 2m
- Requirement 12.6 2m
- Requirement 12.7 2m
- Assessing Policies and the Risk Assessment 4m
- Assessing Critical User Technologies and Responsibilities 5m
- Defined Roles, Security Awareness, and Screening 7m
- Second Year Assessments and Causes of Data Breaches 2m
About the authors
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI S... more