Zur Startseite gehen
0,00 €*
Cover: 9781484292877 | The Definitive Guide to PCI DSS Version 4 | Jr. (u. a.) | Taschenbuch
Dekorationsartikel gehören nicht zum Leistungsumfang.
The Definitive Guide to PCI DSS Version 4
Documentation, Compliance, and Management
Taschenbuch von Arthur B. Cooper Jr. (u. a.)
Sprache: Englisch

64,19 €*

inkl. MwSt.

Versandkostenfrei per Post / DHL

Aktuell nicht verfügbar

Kategorien:
Beschreibung
This book is your go-to reference on how to achieve PCI compliance. With more than 400 PCI requirements, the updated PCI Data Security Standard (PCI DSS) v4.0 does not detail the specific documentation that a PCI auditor¿known as a Qualified Security Assessor (QSA)¿needs to know. This book is the first reference to detail the specific documentation needed for every PCI requirement. The authors provide real-world examples of complying with the 12 main PCI requirements and clarify many of the gray areas within the PCI DSS.
Any merchant or service provider that stores, processes, or transmits credit card data must comply with the PCI Data Security Standard. PCI DSS 1.0 was first published in 2004, yet many of those tasked with PCI compliance still encounter difficulties when trying to make sense of it. PCI DSS version 4 was published in March 2022, and at 360 pages, it has numerous additional requirements, leaving many people struggling to know what they need to do to comply.
PCI DSS v4.0 has a transition period in which PCI DSS version 3.2.1 will remain active for two years from the v4.0 publication date. Although the transition period ends on March 31, 2024, and may seem far away, those tasked with PCI compliance will need every bit of the time to acquaint themselves with the many news updates, templates, forms, and more, that PCI v4.0 brings to their world.

What Yoüll Learn

Know what it takes to be PCI compliant
Understand and implement what is in the PCI DSS
Get rid of cardholder data
Everything you need to know about segmenting your cardholder data network
Know what documentation is needed for your PCI compliance efforts
Leverage real-world experience to assist PCI compliance work

Who This Book Is For Compliance managers and those tasked with PCI compliance, information security managers, internal auditors, chief security officers, chief technology officers, and chief information officers. Readers should have a basic understanding of how credit card payment networks operate, in addition to basic security concepts.
This book is your go-to reference on how to achieve PCI compliance. With more than 400 PCI requirements, the updated PCI Data Security Standard (PCI DSS) v4.0 does not detail the specific documentation that a PCI auditor¿known as a Qualified Security Assessor (QSA)¿needs to know. This book is the first reference to detail the specific documentation needed for every PCI requirement. The authors provide real-world examples of complying with the 12 main PCI requirements and clarify many of the gray areas within the PCI DSS.
Any merchant or service provider that stores, processes, or transmits credit card data must comply with the PCI Data Security Standard. PCI DSS 1.0 was first published in 2004, yet many of those tasked with PCI compliance still encounter difficulties when trying to make sense of it. PCI DSS version 4 was published in March 2022, and at 360 pages, it has numerous additional requirements, leaving many people struggling to know what they need to do to comply.
PCI DSS v4.0 has a transition period in which PCI DSS version 3.2.1 will remain active for two years from the v4.0 publication date. Although the transition period ends on March 31, 2024, and may seem far away, those tasked with PCI compliance will need every bit of the time to acquaint themselves with the many news updates, templates, forms, and more, that PCI v4.0 brings to their world.

What Yoüll Learn

Know what it takes to be PCI compliant
Understand and implement what is in the PCI DSS
Get rid of cardholder data
Everything you need to know about segmenting your cardholder data network
Know what documentation is needed for your PCI compliance efforts
Leverage real-world experience to assist PCI compliance work

Who This Book Is For Compliance managers and those tasked with PCI compliance, information security managers, internal auditors, chief security officers, chief technology officers, and chief information officers. Readers should have a basic understanding of how credit card payment networks operate, in addition to basic security concepts.
Über den Autor
Arthur B. Cooper Jr. ("Coop") is Principal Security Consultant at TrustedSec. He has 44 years of experience in information technology with the last 17 years focused on the security of payment systems and architectures, ecommerce, payment application assessments, forensic investigations, compliance security assessments, development of secure network architectures, risk management programs, security governance initiatives, and regulatory compliance. Coop was a member of the US Air Force for most of his young adult life and had direct experience with the original ARPANET and ARPANET 1822 Protocols. He was directly involved with the original DoD X.25 networks, the Defense Data Network (DDN), and the Automatic Digital Information Network (AUTODIN). He was directly involved with the original BBN Packet Switch Node (PSN) systems and has witnessed every major information technology "leap" or development since that time.

Coop was the Standards Trainer for the Payment Card Industry Security Standards Council (PCI SSC) for three years from 2010 to 2013 and has been a consultant to some of the largest retail companies and financial institutions in the world. He has worked with businesses to improve their overall security posture and to meet compliance regulations such as PCI, HIPAA, GLBA, and SOX. Coop is an experienced team leader and IT security expert who can ensure timely and successful completion of projects, as well as an enthusiastic security engineer researching emerging security technologies, trends, and tools. His certifications include: Security +, CEH, CISA, CDPSE, CISSP, PCIP, and PCI QSA.

Jeff Hall is Principal Security Consultant at Truvantis, Inc. He has over 30 years of technology and compliance project experience. Jeff has done a significant amount of work with financial institutions, and the health care, manufacturing, and distribution industries, including security assessments, strategic technology planning, and application implementation. He is part of the PCI Dream Team and is the writer of the PCI Guru blog, the definitive source for PCI DSS information.

David Mundhenk is Principal Security Consultant at the eDelta Consulting, as an information security, governance, risk, and compliance consultant with extensive multi-organizational experience providing a myriad of professional security services to business and government entities worldwide. He has worked as a computer and network system security professional for more than 30 years. David's experience covers a broad spectrum of security disciplines, including security compliance assessments, security product quality assurance, vulnerability scanning, penetration testing, application security assessments, network and host intrusion detection/prevention, disaster and recovery planning, protocol analysis, formal security training instruction, and social engineering. He has successfully completed 200+ PCI DSS assessments and scores of PADSS assessments. Certifications include CISSP, CISA, QSA, PCIP.

Ben Rothke, CISSP, CISM, CISA is a New York city-based Senior Information Security Manager with Tapad and has over 20 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, design and implementation of systems security, encryption, cryptography, and security policy development. Ben is the author of the book Computer Security - 20 Things Every Employee Should Know, and writes security and privacy book reviews for the RSA Conference blog and Security Management. He is a frequent speaker at industry conferences, such as RSA and MISTI, is a member of ASIS, and InfraGard, and holds many security certifications, besides being an ISO 27001 lead auditor.

Zusammenfassung

Authored by four of the most recognized PCI experts

Reviews detailed documentation requirements for each of the more than 400 PCI DSS requirements

Includes practical details of real-world PCI use and compliance

Inhaltsverzeichnis
Chapter 1. A Brief History of PCI.- Chapter 2. Install and Maintain Network Controls.- Chapter 3. Apply Secure Configurations to all System Components- Chapter 4. Protect Stored Account Data.- Chapter 5. Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks.- Chapter 6. Protect All Systems and Networks from Malicious Software.- Chapter 7. Develop and Maintain Secure Systems and Software.- Chapter 8. Restrict Access to System Components and Cardholder Data by Business Need to Know.- Chapter 9. Identify Users and Authenticate Access to System Components.- Chapter 10. Restrict Physical Access to Cardholder Data.- Chapter 11. Log and Monitor All Access to System Components and Cardholder Data.- Chapter 12. Test Security of Systems and Networks Regularly.- Chapter 13. Support Information Security with Organizational Policies and Programs.- Chapter 14. How To Read a Service Provider Attestation of Compliance.- Chapter 15. Segmentation and tokenization.- Chapter 16. The Customized Approach, Compensating Controls, and the Targeted Risk Analysis.
Details
Erscheinungsjahr: 2023
Genre: Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Seiten: 280
Inhalt: xxiv
253 S.
12 s/w Illustr.
253 p. 12 illus.
ISBN-13: 9781484292877
ISBN-10: 1484292871
Sprache: Englisch
Ausstattung / Beilage: Paperback
Einband: Kartoniert / Broschiert
Autor: Cooper Jr., Arthur B.
Rothke, Ben
Mundhenk, David
Hall, Jeff
Auflage: 1st ed.
Hersteller: Apress
Apress L.P.
Maße: 235 x 155 x 16 mm
Von/Mit: Arthur B. Cooper Jr. (u. a.)
Erscheinungsdatum: 25.05.2023
Gewicht: 0,429 kg
preigu-id: 126495050
Über den Autor
Arthur B. Cooper Jr. ("Coop") is Principal Security Consultant at TrustedSec. He has 44 years of experience in information technology with the last 17 years focused on the security of payment systems and architectures, ecommerce, payment application assessments, forensic investigations, compliance security assessments, development of secure network architectures, risk management programs, security governance initiatives, and regulatory compliance. Coop was a member of the US Air Force for most of his young adult life and had direct experience with the original ARPANET and ARPANET 1822 Protocols. He was directly involved with the original DoD X.25 networks, the Defense Data Network (DDN), and the Automatic Digital Information Network (AUTODIN). He was directly involved with the original BBN Packet Switch Node (PSN) systems and has witnessed every major information technology "leap" or development since that time.

Coop was the Standards Trainer for the Payment Card Industry Security Standards Council (PCI SSC) for three years from 2010 to 2013 and has been a consultant to some of the largest retail companies and financial institutions in the world. He has worked with businesses to improve their overall security posture and to meet compliance regulations such as PCI, HIPAA, GLBA, and SOX. Coop is an experienced team leader and IT security expert who can ensure timely and successful completion of projects, as well as an enthusiastic security engineer researching emerging security technologies, trends, and tools. His certifications include: Security +, CEH, CISA, CDPSE, CISSP, PCIP, and PCI QSA.

Jeff Hall is Principal Security Consultant at Truvantis, Inc. He has over 30 years of technology and compliance project experience. Jeff has done a significant amount of work with financial institutions, and the health care, manufacturing, and distribution industries, including security assessments, strategic technology planning, and application implementation. He is part of the PCI Dream Team and is the writer of the PCI Guru blog, the definitive source for PCI DSS information.

David Mundhenk is Principal Security Consultant at the eDelta Consulting, as an information security, governance, risk, and compliance consultant with extensive multi-organizational experience providing a myriad of professional security services to business and government entities worldwide. He has worked as a computer and network system security professional for more than 30 years. David's experience covers a broad spectrum of security disciplines, including security compliance assessments, security product quality assurance, vulnerability scanning, penetration testing, application security assessments, network and host intrusion detection/prevention, disaster and recovery planning, protocol analysis, formal security training instruction, and social engineering. He has successfully completed 200+ PCI DSS assessments and scores of PADSS assessments. Certifications include CISSP, CISA, QSA, PCIP.

Ben Rothke, CISSP, CISM, CISA is a New York city-based Senior Information Security Manager with Tapad and has over 20 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, design and implementation of systems security, encryption, cryptography, and security policy development. Ben is the author of the book Computer Security - 20 Things Every Employee Should Know, and writes security and privacy book reviews for the RSA Conference blog and Security Management. He is a frequent speaker at industry conferences, such as RSA and MISTI, is a member of ASIS, and InfraGard, and holds many security certifications, besides being an ISO 27001 lead auditor.

Zusammenfassung

Authored by four of the most recognized PCI experts

Reviews detailed documentation requirements for each of the more than 400 PCI DSS requirements

Includes practical details of real-world PCI use and compliance

Inhaltsverzeichnis
Chapter 1. A Brief History of PCI.- Chapter 2. Install and Maintain Network Controls.- Chapter 3. Apply Secure Configurations to all System Components- Chapter 4. Protect Stored Account Data.- Chapter 5. Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks.- Chapter 6. Protect All Systems and Networks from Malicious Software.- Chapter 7. Develop and Maintain Secure Systems and Software.- Chapter 8. Restrict Access to System Components and Cardholder Data by Business Need to Know.- Chapter 9. Identify Users and Authenticate Access to System Components.- Chapter 10. Restrict Physical Access to Cardholder Data.- Chapter 11. Log and Monitor All Access to System Components and Cardholder Data.- Chapter 12. Test Security of Systems and Networks Regularly.- Chapter 13. Support Information Security with Organizational Policies and Programs.- Chapter 14. How To Read a Service Provider Attestation of Compliance.- Chapter 15. Segmentation and tokenization.- Chapter 16. The Customized Approach, Compensating Controls, and the Targeted Risk Analysis.
Details
Erscheinungsjahr: 2023
Genre: Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Seiten: 280
Inhalt: xxiv
253 S.
12 s/w Illustr.
253 p. 12 illus.
ISBN-13: 9781484292877
ISBN-10: 1484292871
Sprache: Englisch
Ausstattung / Beilage: Paperback
Einband: Kartoniert / Broschiert
Autor: Cooper Jr., Arthur B.
Rothke, Ben
Mundhenk, David
Hall, Jeff
Auflage: 1st ed.
Hersteller: Apress
Apress L.P.
Maße: 235 x 155 x 16 mm
Von/Mit: Arthur B. Cooper Jr. (u. a.)
Erscheinungsdatum: 25.05.2023
Gewicht: 0,429 kg
preigu-id: 126495050
Warnhinweis

Ähnliche Produkte

Ähnliche Produkte

Taschenbuch
Cover: 9781617292347 | Event Streams in Action: Real-Time Event Systems with Kafka and...
Event Streams in Action: Real-Time Event Systems with Kafka and Kinesis
EAN: 9781617292347
Sprache: Englisch
Von/Mit: Alexander Dean

49,85 €*

Lieferzeit 1-2 Wochen

Taschenbuch
Cover: 9783944749150 | Windows Server 2016 | Der schnelle Einstieg | Carlo Westbrook | Buch
Windows Server 2016
Der schnelle Einstieg
EAN: 9783944749150
Sprache: Deutsch
Von/Mit: Carlo Westbrook

34,90 €*

Lieferzeit 1-2 Werktage

Taschenbuch
Cover: 9781789611809 | Learn Kali Linux 2019 | Glen D. Singh | Taschenbuch | Paperback | 2019
Learn Kali Linux 2019
EAN: 9781789611809
Sprache: Englisch
Von/Mit: Glen D. Singh

47,80 €*

Lieferzeit 4-7 Werktage

Buch
Cover: 9781950665839 | Cyber Crisis | Eric Cole | Buch | Englisch | 2021 | BenBella Books
Cyber Crisis
Protecting Your Business from Real Threats in the Virtual World
EAN: 9781950665839
Sprache: Englisch
Von/Mit: Eric Cole

27,85 €*

Lieferzeit 1-2 Wochen

Taschenbuch
Cover: 9789391030797 | Cracking Containers with Docker and Kubernetes | Nisarg Vasavada
Cracking Containers with Docker and Kubernetes
The definitive guide to Docker, Kubernetes, and the Container Ecosystem across Cloud and on-premises (English Edition)
EAN: 9789391030797
Sprache: Englisch
Von/Mit: Nisarg Vasavada

47,80 €*

Lieferzeit 4-7 Werktage

Taschenbuch
Cover: 9780134457109 | TCP/IP Illustrated, Volume 3 | W. Stevens | Taschenbuch | Englisch
TCP/IP Illustrated, Volume 3
TCP for Transactions, Http, Nntp, and the UNIX Domain Protocols
EAN: 9780134457109
Sprache: Englisch
Von/Mit: W. Stevens

75,50 €*

Aktuell nicht verfügbar

Taschenbuch
Cover: 9781098111397 | Managing Cloud Native Data on Kubernetes | Jeff Carpenter (u. a.)
Managing Cloud Native Data on Kubernetes
Architecting Cloud Native Data Services Using Open Source Technology
EAN: 9781098111397
Sprache: Englisch
Von/Mit: Jeff Carpenter (u. a.)

69,45 €*

Lieferzeit 1-2 Wochen

Taschenbuch
Cover: 9781803240893 | Industrial IoT for Architects and Engineers | Joey Bernal (u. a.)
Industrial IoT for Architects and Engineers
Architecting secure, robust, and scalable industrial IoT solutions with AWS
EAN: 9781803240893
Sprache: Englisch
Von/Mit: Joey Bernal (u. a.)

54,80 €*

Lieferzeit 4-7 Werktage

Taschenbuch
Cover: 9789355519511 | Advanced Penetration Testing with Kali Linux | Ummed Meel | Buch
Advanced Penetration Testing with Kali Linux
Unlocking industry-oriented VAPT tactics (English Edition)
EAN: 9789355519511
Sprache: Englisch
Von/Mit: Ummed Meel

41,15 €*

Lieferzeit 1-2 Wochen

Taschenbuch
Cover: 9781837636792 | Microsoft 365 Certified Fundamentals MS-900 Exam Guide - Third Edition
Microsoft 365 Certified Fundamentals MS-900 Exam Guide - Third Edition
Gain the knowledge and problem-solving skills needed to pass the MS-900 exam on your first attempt
EAN: 9781837636792
Sprache: Englisch
Von/Mit: Marcos Zanre

55,65 €*

Lieferzeit 4-7 Werktage

Diese Website verwendet Cookies, um eine bestmögliche Erfahrung bieten zu können. Mehr Informationen ...