
PCI Compliance : Understand and Implement Effective PCI Data Security Standard Compliance

By: Williams, Branden R.
Contributor(s): Chuvakin, Anton.
Material type: Text
Series: eBooks on Demand
Publisher: Burlington : Elsevier Science, 2014
Edition: 4th ed.
Description: 1 online resource (615 p.)
ISBN: 9780128016510
Subject(s): Computer networks -- Security measures | Credit cards -- Security measures -- Handbooks, manuals, etc | Data protection -- Standards -- Handbooks, manuals, etc | Data protection -- Standards
Genre/Form: Electronic books
Additional physical formats: Print version: PCI Compliance : Understand and Implement Effective PCI Data Security Standard Compliance
DDC classification: 004
LOC classification: QA76.9.A25
Contents:
Cover; Title page; Table of Contents; Copyright; Foreword; Acknowledgments
Chapter 1: About PCI DSS and this book; Abstract; Who should read this book?; How to use the book in your daily job; What this book is not; Organization of the book; Summary
Chapter 2: Introduction to fraud, data theft, and related regulatory mandates; Abstract; Summary
Chapter 3: Why is PCI here?; Abstract; What is PCI DSS and who must comply?; PCI DSS in depth; Quick overview of PCI requirements; PCI DSS and risk; Benefits of compliance; Case study; Summary
Chapter 4: Determining and reducing the PCI scope; Abstract; The basics of PCI DSS scoping; The "gotchas" of PCI scope; Scope reduction tips; Planning your PCI project; Case study; Summary
Chapter 5: Building and maintaining a secure network; Abstract; Which PCI DSS requirements are in this domain?; What else can you do to be secure?; Tools and best practices; Common mistakes and pitfalls; Case study; Summary
Chapter 6: Strong access controls; Abstract; Which PCI DSS requirements are in this domain?; What else can you do to be secure?; Tools and best practices; Common mistakes and pitfalls; Case study; Summary
Chapter 7: Protecting cardholder data; Abstract; What is data protection and why is it needed?; Requirements addressed in this chapter; PCI requirement 3: Protect stored cardholder data; Requirement 3 walk-through; What else can you do to be secure?; PCI requirement 4 walk-through; Requirement 12 walk-through; Appendix A of PCI DSS; How to become compliant and secure; Common mistakes and pitfalls; Case study; Summary
Chapter 8: Using wireless networking; Abstract; What is wireless network security?; Where is wireless network security in PCI DSS?; Why do we need wireless network security?; Tools and best practices; Common mistakes and pitfalls; Case study; Summary
Chapter 9: Vulnerability management; Abstract; PCI DSS requirements covered; Vulnerability management in PCI; Requirement 5 walk-through; Requirement 6 walk-through; Requirement 11 walk-through; Internal vulnerability scanning; Common PCI vulnerability management mistakes; Case study; Summary
Chapter 10: Logging events and monitoring the cardholder data environment; Abstract; PCI requirements covered; Why logging and monitoring in PCI DSS?; Logging and monitoring in depth; PCI relevance of logs; Logging in PCI requirement 10; Monitoring data and log for security issues; Logging and monitoring in PCI-all other requirements; PCI DSS logging policies and procedures; Tools for logging in PCI; Other monitoring tools; Intrusion detection and prevention; Integrity monitoring; Common mistakes and pitfalls; Case study; Summary
Chapter 11: PCI DSS and cloud computing; Abstract; Cloud basics; PCI cloud examples; So, can I use cloud resources in PCI DSS environments?; More cloud for better security and compliance?; Maintaining and assessing PCI DSS in the cloud; Cloud and PCI DSS in depth; Summary
Summary: Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. Thi
Item type: Electronic Book
Current location: UT Tyler Online (Online)
Call number: QA76.9.A25
URL: http://uttyler.eblib.com/patron/FullRecord.aspx?p=1832710
Status: Available
Barcode: EBL1832710


Description based upon print version of record.

Author notes provided by Syndetics

Branden R. Williams (CISSP, CISM, CPISA, CPISM) leads an information security practice in a Global Security Consulting group at a major security firm in Flower Mound, TX and teaches in the NSA Certified Information Assurance program at the University of Dallas's Graduate School of Management. Branden has been involved in information technology since 1994, and focused on information security since 1996. He started consulting on payment security in 2004, assessing companies against the Visa CISP and Mastercard SDP programs. He has a Bachelors of Business Administration in Marketing from the University of Texas, Arlington, and a Masters of Business Administration in Supply Chain Management and Market Logistics from the University of Dallas. Branden publishes a monthly column in the ISSA Journal entitled "Herding Cats," and authors a blog at http://www.brandenwilliams.com/.

Dr. Anton Chuvakin is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of the books "Security Warrior" and "PCI Compliance" and has contributed to many others, while also publishing dozens of papers on log management, correlation, data analysis, PCI DSS, and security management. His blog (http://www.securitywarrior.org) is one of the most popular in the industry. Additionally, Anton teaches classes and presents at many security conferences across the world and he works on emerging security standards and serves on the advisory boards of several security start-ups. Currently, Anton is developing his security consulting practice, focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations. Anton earned his Ph.D. from Stony Brook University.
