- Course
- Security
PCI DSS: Securing Data, Systems, and Applications
Requirements 3 to 6 of PCI DSS version 3.2.1 are to protect cardholder data and maintain a vulnerability management program. You'll understand what each requirement asks for and discover practical guidance from experienced PCI assessors.
What you'll learn
The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they will be assessed. In this course, PCI DSS: Securing Data, Systems, and Applications, you’ll learn how to interpret PCI DSS requirements 3 through 6 and apply them to your organization. First, you’ll learn how PCI DSS wants stored cardholder data to be protected. Next, you’ll explore the requirement to encrypt cardholder data in transit and the requirement to protect systems against malware. Then, you’ll take a look at the largest requirement in PCI DSS which is to develop and maintain secure systems and applications. Finally, you’ll discover practical insights about all four requirements from experienced PCI assessors. When you’ve finished with this course, you'll have the skills and knowledge to apply PCI DSS requirements 3 through 6 to an organization’s environment and to determine whether it is compliant with the demands of the standard.
Table of contents
- Navigating the PCI DSS Standards | 5m 48s
- Requirement 3.1 | 2m 57s
- Requirement 3.2 | 5m 23s
- Requirement 3.3 | 2m 29s
- Requirement 3.4 | 7m 57s
- Requirement 3.5 | 6m 24s
- Requirement 3.6 | 10m 43s
- Requirement 3.7 | 58s
- Why Do People Store Cardholder Data? | 1m 55s
- Retention Periods and Data Deletion | 2m 32s
- Storing Sensitive Authentication Data | 1m 1s
- Masking and Truncation of Cardholder Data | 5m 8s
- Data Compromises Involving Stored Data | 3m 37s
- Compensating Controls for Requirements 3.1 to 3.3 | 1m 23s
- Protecting Stored PANs – Truncation & Tokenization | 12m 7s
- Encrypting Cardholder Data | 10m 54s
- Cryptography, Breaches and the Problems with Full Disk Encryption | 4m 32s
About the authors
John Elliott is a data protection specialist. He helps organizations comply with regulations in a sensible and pragmatic way, balancing business needs, risk and regulations.
More Courses by JohnJacob Ansari worked on Pluralsight courses that cover the topic of PCI DSS Standards.
More Courses by Jacob