Overview
This course covers the following learning outcomes and goals: understanding PCI DSS compliance standards, identifying reasons for PCI DSS failures, learning about cardholder data segmentation and storage, gaining insights into vulnerability management and security testing, and recognizing common PCI DSS failure points. The course teaches individual skills such as scoping PCI DSS requirements, conducting vulnerability scans, managing audit logging, and setting up firewall rules. The teaching method includes case studies, guidance sessions, and sample transaction logs. The intended audience for this course includes individuals involved in data security, compliance officers, IT professionals, and anyone interested in understanding PCI DSS standards and failures.
Syllabus
Intro
PCI SSC Overview
PCI Security Standards
Why Do Companies Fail PCI DSS?
PCI DSS Compliance by Section
Cardholder Data Segmentation
PCI DSS Scoping Basics
PCI DSS Scoping Guidance
PCI Scoping Case Study #2
Storage of Cardholder Data
CHD Discovery Case Study
Sample Transaction Log
Vulnerability Management
PCI DSS 6.1 / 6.2 Guidance
Security Testing
Vulnerability Scan Case Study
Audit Logging
Firewall Rules
Other Common PCI DSS Failure Points