PCI DSS: Restricting Access to Cardholder Data
|
Requirements 7, 8 & 9 of PCI DSS version 3.2.1 are to Implement Strong Access Control Measures for logical and physical cardholder data. You’ll understand what each requirement asks for and discover practical guidance from experienced PCI assessors.
The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they will be assessed. In this course, PCI DSS: Restricting Access to Cardholder Data, you’ll learn how to interpret PCI DSS requirements 7, 8 & 9, and apply them to your organization. First, you’ll learn how PCI DSS wants role-based access and based on least privilege and need to know. Next, you’ll explore the long and prescriptive requirements about username, passwords and multi-factor authentication. Then you’ll take a look at the requirements related to the protection of cardholder data in physical format – written in paper and saved to electronic media. Finally, you’ll discover practical insights about both requirements from experienced PCI assessors. When you’ve finished with this course you will have the skills and knowledge to apply PCI DSS requirements 7, 8 and 9 to any organization’s environment and to determine whether it is compliant with the demands of the standard.
Author Name: John Elliott
Author Description:
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI S… more
User Reviews
Be the first to review “PCI DSS: Restricting Access to Cardholder Data”
Related Products
Microsoft Information Protection and Compliance: Managing Insider and Privacy Risk
Most companies are aware of threats posed by bad actors outside of the organization, but is your company prepared for threats posed by insiders?
SnowPro Advanced Data Engineer: Security
This course introduces Snowflake’s security model and features, which are critical for performing data engineering tasks and keeping your data and account safe. They are required components of the SnowPro Data Engineer exam.
Microsoft Information Protection and Compliance: Implementing Information Protection
Unlock data protection mastery with this course. Learn how to manage sensitive info, classify data, apply label policies, and implement email encryption in Microsoft Purview.
Securing SQL Server Applications
Dive deep into SQL Server application security! Learn vital techniques to protect data, detect vulnerabilities, and implement robust security practices to safeguard your applications.
Designing/Deploying Exchange 2016: Compliance & Archiving
This course will teach you about Exchange 2016 compliance and archiving. Along with other courses in the series, this course will help to prepare you for the Microsoft 70-345 exam.
Microsoft Information Protection and Compliance: Monitoring with Microsoft Purview
This course will teach you how to plan and manage regulatory requirements, master eDiscovery and content search techniques, and effectively manage and analyze audit logs and reports in Microsoft Purview.
There are no reviews yet.