PCI Compliance : Understand and Implement Effective PCI Data Security Standard Compliance.
Material type:
- text
- computer
- online resource
- 9780128016510
- 005.8
- QA76.9.A25 -- .W555 2015eb
Cover -- Title page -- Table of Contents -- Copyright -- Foreword -- Acknowledgments -- Chapter 1: About PCI DSS and this book -- Abstract -- Who should read this book? -- How to use the book in your daily job -- What this book is not -- Organization of the book -- Summary -- Chapter 2: Introduction to fraud, data theft, and related regulatory mandates -- Abstract -- Summary -- Chapter 3: Why is PCI here? -- Abstract -- What is PCI DSS and who must comply? -- PCI DSS in depth -- Quick overview of PCI requirements -- PCI DSS and risk -- Benefits of compliance -- Case study -- Summary -- Chapter 4: Determining and reducing the PCI scope -- Abstract -- The basics of PCI DSS scoping -- The "gotchas" of PCI scope -- Scope reduction tips -- Planning your PCI project -- Case study -- Summary -- Chapter 5: Building and maintaining a secure network -- Abstract -- Which PCI DSS requirements are in this domain? -- What else can you do to be secure? -- Tools and best practices -- Common mistakes and pitfalls -- Case study -- Summary -- Chapter 6: Strong access controls -- Abstract -- Which PCI DSS requirements are in this domain? -- What else can you do to be secure? -- Tools and best practices -- Common mistakes and pitfalls -- Case study -- Summary -- Chapter 7: Protecting cardholder data -- Abstract -- What is data protection and why is it needed? -- Requirements addressed in this chapter -- PCI requirement 3: Protect stored cardholder data -- Requirement 3 walk-through -- What else can you do to be secure? -- PCI requirement 4 walk-through -- Requirement 12 walk-through -- Appendix A of PCI DSS -- How to become compliant and secure -- Common mistakes and pitfalls -- Case study -- Summary -- Chapter 8: Using wireless networking -- Abstract -- What is wireless network security? -- Where is wireless network security in PCI DSS?.
Why do we need wireless network security? -- Tools and best practices -- Common mistakes and pitfalls -- Case study -- Summary -- Chapter 9: Vulnerability management -- Abstract -- PCI DSS requirements covered -- Vulnerability management in PCI -- Requirement 5 walk-through -- Requirement 6 walk-through -- Requirement 11 walk-through -- Internal vulnerability scanning -- Common PCI vulnerability management mistakes -- Case study -- Summary -- Chapter 10: Logging events and monitoring the cardholder data environment -- Abstract -- PCI requirements covered -- Why logging and monitoring in PCI DSS? -- Logging and monitoring in depth -- PCI relevance of logs -- Logging in PCI requirement 10 -- Monitoring data and log for security issues -- Logging and monitoring in PCI-all other requirements -- PCI DSS logging policies and procedures -- Tools for logging in PCI -- Other monitoring tools -- Intrusion detection and prevention -- Integrity monitoring -- Common mistakes and pitfalls -- Case study -- Summary -- Chapter 11: PCI DSS and cloud computing -- Abstract -- Cloud basics -- PCI cloud examples -- So, can I use cloud resources in PCI DSS environments? -- More cloud for better security and compliance? -- Maintaining and assessing PCI DSS in the cloud -- Cloud and PCI DSS in depth -- Summary -- Chapter 12: Mobile -- Abstract -- Where is mobility addressed in PCI DSS 3.0? -- What guidance is available? -- How does PA-DSS 3.0 fit? -- Deploying the technology safely -- Case study -- Summary -- Chapter 13: PCI for the small business -- Abstract -- The risks of credit card acceptance -- New business considerations -- Your POS is like my POS! -- A basic scheme for SMB hardening -- Case study -- Summary -- Chapter 14: Managing a PCI DSS project to achieve compliance -- Abstract -- Justifying a business case for compliance -- Bringing the key players to the table.
Budgeting time and resources -- Educating staff -- Project quickstart guide -- The PCI DSS prioritized approach -- The Visa TIP -- Summary -- Chapter 15: Don't fear the assessor -- Abstract -- Remember, assessors are there to help -- Dealing with assessors' mistakes -- Planning for remediation -- Planning for reassessing -- Summary -- Chapter 16: The art of compensating control -- Abstract -- What is a compensating control? -- Where are compensating controls in PCI DSS? -- What a compensating control is not -- Funny controls you didn't design -- How to create a good compensating control -- Case studies -- Summary -- Chapter 17: You're compliant, now what? -- Abstract -- Security is a process, not an event -- Plan for periodic review and training -- PCI requirements with periodic maintenance -- PCI self-assessment -- Case study -- Summary -- Chapter 18: Emerging technology and alternative payment schemes -- Abstract -- New payment schemes -- Predictions -- Taxonomy and tidbits -- Case study -- Summary -- Chapter 19: Myths and misconceptions of PCI DSS -- Abstract -- Myth #1 PCI doesn't apply to me -- Myth #2 PCI is confusing and ambiguous -- Myth #3 PCI DSS is too onerous -- Myth #4 breaches prove PCI DSS irrelevant -- Myth #5 PCI is all we need for security -- Myth #6 PCI DSS is really easy -- Myth #7 my tool is PCI compliant thus I am compliant -- Myth #8 PCI is toothless -- Case study -- Summary -- Index.
Description based on publisher supplied metadata and other sources.
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.