PCI DSS: Detection, Assurance, and Management from Pluralsight

Requirements 10, 11, & 12 of PCI DSS version 3.2.1 are to monitor & test networks, and to maintain an information security policy. Understand what each requirement asks for and discover practical guidance from experienced PCI assessors.

The key to achieving PCI DSS compliance is a thorough knowledge of each of the sub-requirements and how they'll be assessed. In this course, PCI DSS: Detection, Assurance, and Management, you’ll learn how to interpret PCI DSS requirements 10, 11, & 12, and apply them to your network. First, you’ll learn the how PCI DSS wants access to network resources and cardholder data to be tracked and monitored. Next, you’ll explore the requirement to regularly test security systems and processes. You’ll also see the final requirement in PCI DSS which is to maintain a policy that addresses information security for all personnel. Finally, you’ll discover practical insights about all three requirements from experienced PCI assessors. When you’ve finished with this course you'll have the skills and knowledge to apply PCI DSS requirements 3, 4, 5, & 6 to an organization’s environment and to determine whether they are compliant with the demands of the standard.

What's inside

Syllabus

Course Overview

Requirement 10: Track and Monitor Access to Resources and Data

Requirement 11: Regularly Test Security Systems and Processes

Requirement 11.3: Penetration Testing

Requirement 12: Maintain a Policy that Addresses Information Security

Requirement 12 Continued: Third-party Service Providers

Requirement 12 Continued: Incident Management

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Examines highly relevant PCI DSS compliance requirements

Taught by instructors recognized for PCI DSS assessment expertise

Practical guidance for implementing PCI DSS requirements

Teaches students how to track and monitor access to network resources and cardholder data

Develops understanding of regular security systems and process testing

Addresses the maintenance of information security policies for all personnel

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in PCI DSS: Detection, Assurance, and Management with these activities:

Read 'Network Security Assessment' by Chris McNab

Show steps

Supplement understanding of network security concepts through a comprehensive and informative text.

View Network Security Assessment: Know Your Network on Amazon

Show steps

Obtain a copy of the book
Read and review chapters relevant to the course

Join a study group to discuss course concepts

Show steps

Engage with peers, exchange perspectives, and deepen comprehension through collaborative learning.

Show steps

Find or form a study group with classmates
Establish regular meeting times and discuss assigned topics

Complete a tutorial on network monitoring tools

Show steps

Gain practical experience using tools to monitor network traffic and identify security breaches.

Browse courses on Network Monitoring

Show steps

Choose a reputable tutorial on network monitoring tools
Follow the tutorial step-by-step and practice using the tools

Four other activities

Expand to see all activities and additional details

Show all seven activities

Develop a network security policy

Show steps

Translate security requirements into clear and enforceable policies to guide network management and usage.

Show steps

Review existing security standards and regulations
Identify specific security objectives and controls
Document the policy clearly and distribute it to relevant parties

Conduct regular penetration tests

Show steps

Identify potential vulnerabilities and weaknesses in your network through simulated attacks.

Browse courses on Network Penetration Testing

Show steps

Establish a testing environment and define scope
Use automated and manual techniques to scan for vulnerabilities
Analyze results and prioritize remediation efforts

Volunteer for a cybersecurity organization

Show steps

Enhance practical knowledge, build industry connections, and contribute to the security ecosystem.

Browse courses on Cybersecurity

Show steps

Research and identify reputable cybersecurity organizations
Inquire about volunteer opportunities and apply for a suitable role

Contribute to open-source network security projects

Show steps

Gain hands-on experience and contribute to the broader security community by participating in open-source projects.

Browse courses on network security

Show steps

Identify suitable open-source network security projects
Review the project documentation and identify areas to contribute
Make meaningful contributions such as bug fixes or feature enhancements

Career center

Learners who complete PCI DSS: Detection, Assurance, and Management will develop knowledge and skills that may be useful to these careers:

Penetration Tester

Penetration Testers are responsible for testing an organization's security systems and infrastructure to identify vulnerabilities that could be exploited by attackers. PCI DSS requirement 11.3 specifically addresses penetration testing. This course may help build a foundation for a career as a Penetration Tester by providing a deep understanding of PCI DSS requirements 10, 11, & 12.

See salaries and explore the career path for Penetration Tester

Chief Information Security Officer (CISO)

Chief Information Security Officers (CISOs) are responsible for leading an organization's information security program. PCI DSS requirements 10, 11, & 12 are essential for CISOs to understand and implement. This course may help build a foundation for a career as a CISO by providing a deep understanding of these requirements.

See salaries and explore the career path for Chief Information Security Officer (CISO)

Information Security Officer (ISO)

Information Security Officers (ISOs) are responsible for developing and implementing an organization's information security program. PCI DSS requirements 10, 11, & 12 are essential for ISOs to understand and implement. This course may help build a foundation for a career as an ISO by providing a deep understanding of these requirements.

See salaries and explore the career path for Information Security Officer (ISO)

Security Engineer

Security Engineers design, implement, and maintain an organization's security systems and infrastructure. They work to protect the organization's data, systems, and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. PCI DSS requirements 10, 11, & 12 are essential for Security Engineers to understand and implement. This course may help build a foundation for a career as a Security Engineer by providing a deep understanding of these requirements.

See salaries and explore the career path for Security Engineer

Security Analyst

Security Analysts are responsible for monitoring an organization's security systems and infrastructure for suspicious activity. PCI DSS requirements 10, 11, & 12 are essential for Security Analysts to understand and implement. This course may help build a foundation for a career as a Security Analyst by providing a deep understanding of these requirements.

See salaries and explore the career path for Security Analyst

Information Security Analyst

Information Security Analysts are responsible for protecting an organization's computer networks and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. PCI DSS requirements 10, 11, & 12 are essential for Information Security Analysts to understand and implement. This course may help build a foundation for a career as an Information Security Analyst by providing a deep understanding of these requirements.

See salaries and explore the career path for Information Security Analyst

Risk Manager

Risk Managers are responsible for identifying, assessing, and mitigating risks to an organization. PCI DSS requirements 10, 11, & 12 are essential for Risk Managers to understand and implement. This course may help build a foundation for a career as a Risk Manager by providing a deep understanding of these requirements.

See salaries and explore the career path for Risk Manager

Security Consultant

Security Consultants provide advice and guidance to organizations on how to protect their data, systems, and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. PCI DSS requirements 10, 11, & 12 are essential for Security Consultants to understand and implement. This course may help build a foundation for a career as a Security Consultant by providing a deep understanding of these requirements.

See salaries and explore the career path for Security Consultant

Compliance Manager

Compliance Managers are responsible for ensuring that an organization complies with all applicable laws and regulations. PCI DSS requirements 10, 11, & 12 are essential for Compliance Managers to understand and implement. This course may help build a foundation for a career as a Compliance Manager by providing a deep understanding of these requirements.

See salaries and explore the career path for Compliance Manager

Security Architect

Security Architects design, implement, and maintain an organization's security infrastructure. They work to protect the organization's data, systems, and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. PCI DSS requirements 10, 11, & 12 are essential for Security Architects to understand and implement. This course may help build a foundation for a career as a Security Architect by providing a deep understanding of these requirements.

See salaries and explore the career path for Security Architect

Auditor

Auditors are responsible for examining an organization's financial records and operations to ensure accuracy and compliance with laws and regulations. PCI DSS requirements 10, 11, & 12 are essential for Auditors to understand and implement. This course may help build a foundation for a career as an Auditor by providing a deep understanding of these requirements.

See salaries and explore the career path for Auditor

Systems Administrator

Systems Administrators are responsible for managing an organization's computer systems and software. PCI DSS requirement 11 specifically addresses regularly testing security systems and processes. This course may help build a foundation for a career as a Systems Administrator by providing a deep understanding of this requirement.

See salaries and explore the career path for Systems Administrator

Database Administrator

Database Administrators are responsible for managing an organization's databases. PCI DSS requirement 10 specifically addresses tracking and monitoring access to data. This course may help build a foundation for a career as a Database Administrator by providing a deep understanding of this requirement.

See salaries and explore the career path for Database Administrator

Network Administrator

Network Administrators are responsible for managing an organization's computer networks and systems. PCI DSS requirement 10 specifically addresses tracking and monitoring access to network resources and data. This course may help build a foundation for a career as a Network Administrator by providing a deep understanding of this requirement.

See salaries and explore the career path for Network Administrator

Incident Responder

Incident Responders are responsible for responding to security incidents and breaches. PCI DSS requirement 12 specifically addresses incident management. This course may help build a foundation for a career as an Incident Responder by providing a deep understanding of this requirement.

See salaries and explore the career path for Incident Responder