PCI DSS: Detection, Assurance, and Management

Requirements 10, 11, & 12 of PCI DSS version 3.2.1 are to monitor & test networks, and to maintain an information security policy. Understand what each requirement asks for and discover practical guidance from experienced PCI assessors.
Course info
Level
Intermediate
Updated
Feb 6, 2020
Duration
3h 34m
Table of contents
Course Overview
Requirement 10: Track and Monitor Access to Resources and Data
Requirement 11: Regularly Test Security Systems and Processes
Requirement 11.3: Penetration Testing
Requirement 12: Maintain a Policy that Addresses Information Security
Requirement 12 Continued: Third-party Service Providers
Requirement 12 Continued: Incident Management
Description

The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they'll be assessed. In this course, PCI DSS: Detection, Assurance, and Management, you'll learn how to interpret PCI DSS requirements 10, 11, & 12, and apply them to your network. First, you'll learn how PCI DSS wants access to network resources and cardholder data to be tracked and monitored. Next, you'll explore the requirement to regularly test security systems and processes. You'll also see the final requirement in PCI DSS, which is to maintain a policy that addresses information security for all personnel. Finally, you'll discover practical insights about all three requirements from experienced PCI assessors. When you've finished with this course, you'll have the skills and knowledge to apply PCI DSS requirements 3, 4, 5, & 6 to an organization's environment and to determine whether they are compliant with the demands of the standard.

About the author

John Elliott is a data protection specialist. He helps organizations comply with regulations in a sensible and pragmatic way, balancing business needs, risk and regulations.

About the author

Jacob Ansari worked on Pluralsight courses that cover the topic of PCI DSS Standards.

Section Introduction Transcripts

Course Overview
[Autogenerated] My name is John Elliott. Welcome to the course PCI DSS: Detection, Assurance, and Management. In this course, I bring together the theoretical knowledge of PCI DSS requirements 10, 11 and 12, along with the practical experience of how the standard really works. And I'm Jacob Ansari. I'm a qualified security assessor, or QSA, with Schellman and Company, and I'm qualified to assess many of the PCI standards, including PCI DSS, PA-DSS and P2PE. I've been an assessor for 14 years and have been doing this since the predecessor standards to PCI DSS. In this course you'll learn about all of the governance, risk and compliance focused requirements in the standard, including management responsibilities, what you need to do in respect of third-party suppliers, and how to prepare for an incident. You'll also learn about the requirements in PCI DSS to keep audit logs of all activity that could affect the security of the system. We'll also talk about ___________, testing and vulnerability management. So those are things that keep the environment in a good state. For each requirement, I'm going to cover what the standard says, what it means and what will be assessed by a QSA. Then Jacob and I will discuss some of the key practical aspects of getting compliant and being assessed. Ideally, you'll already understand the basics of payment card processing and PCI DSS. But if you just want to get to grips with the requirements, you'll be able to jump straight in with no problems. By the end of this course, you'll have a great understanding of both the theory and the practice to help you implement logging, testing and governance related PCI DSS requirements. We do hope you'll join us to learn the theory and practice behind PCI DSS requirements 10, 11 and 12 with the PCI DSS: Detection, Assurance, and Management course here at Pluralsight.