Requirements 10, 11, & 12 of PCI DSS version 3.2.1 are to monitor & test networks, and to maintain an information security policy. Understand what each requirement asks for and discover practical guidance from experienced PCI assessors.
The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they'll be assessed. In this course, PCI DSS: Detection, Assurance, and Management, you’ll learn how to interpret PCI DSS requirements 10, 11, & 12, and apply them to your network. First, you’ll learn the how PCI DSS wants access to network resources and cardholder data to be tracked and monitored. Next, you’ll explore the requirement to regularly test security systems and processes. You’ll also see the final requirement in PCI DSS which is to maintain a policy that addresses information security for all personnel. Finally, you’ll discover practical insights about all three requirements from experienced PCI assessors.
When you’ve finished with this course you'll have the skills and knowledge to apply PCI DSS requirements 3, 4, 5, & 6 to an organization’s environment and to determine whether they are compliant with the demands of the standard.
Course Overview [Autogenerated] Hello. My name is John Elliott. Welcome to the course. PC IDE, CSS detection assurance and management. In this course, I bring together the theoretical knowledge of PC IDE CSS requirements 10, 11 and 12 along with the practical experience of how the standards really works. And I'm Jacob. I'm sorry, I'm a qualified security assessor or que se with schellman and company, and I'm qualified to assess many of the PC I standards, including PC IDE S S P. A. D. S S and P two p. I've been an assessor for 14 years and have been doing this since the predecessor standards to PC IDE CSS. In this course, you will learn about all of the governance, risk and compliance focussed requirements of the standard, including management responsibilities, what you need to do in respect of third-party suppliers and how to prepare for an incident. You'll also learn about the requirements and PC idea says to keep audit logs of all activity that could affect the security of the system. We'll also talk about ___________, testing and vulnerability management. So those error things that keep the environment in a good state for each requirement I'm going to cover what the standard says, what it means on what will be assessed by a Husa. Then Jacob and I will discuss some of the key practical aspect of getting compliant and being assessed. Ideally, you'll already understand the basics of payment card processing and PC IDE CSS. But if you just want to get to grips with the requirement, you'll be able to jump straight in with no problems. By the end of this course, you'll have a great understanding of both the theory and the practice to help you implement logging, testing and governance related PC IDE CSS requirements. We do hope you will join us to learn the theory and practice behind PC ideas as requirements. 10, 11 and 12 with the PC IDE CSS Detection Assurance on management course here, a Pluralsight.