Payment Card Industry Data Security Standard Handbook支付卡行业数据安全标准手册 下载 pdf 百度网盘 epub 免费 2025 电子书 mobi 在线

Clearly written and easy to use, Payment Card Industry Data Security Standard Handbook is your single source along the journey to compliance with the Payment Card Industry Data Security Standard (PCI DSS), addressing the payment card industry standard that includes requirements for security management, protection of customer account data, policies, procedures, network architecture, software design, and other critical protective measures. This all-inclusive resource facilitates a deeper understanding of how to put compliance into action while maintaining your business objectives.

Introduction.

Part 1: The Fundamentals.

Chapter 1: PCI Fundamentals.

　　History of PCI.

　　Why PCI DSS?

　Chapter 2: Security 101.

　　Strategy and Planning.

　　Information Risk Management.

　　Information Classifi cation.

　　Risk Assessment.

　　Risk Analysis.

　　Dealing With Risk.

　　Defense in Depth.

　　Policy, Standards, and Procedures.

　　Adoption of a Security Framework.

　　Security and the System Development Life Cycle (SDLC).

　　Security Training and Awareness.

　　Metrics.

　　Physical Security.

　　Data Communications and Networking.

　　Perimeter Security.

　　Information Security Monitoring and Log Management.

　　Intrusion Detection and Intrusion Prevention Technology.

　　Logical Access Control.

　　Electronic Authentication.

　　Encryption.

　　Remote Access Control.

　　Secure Communications.

　　HTTPS.

　　Secure Shell.

　　Virtual Private Networks.

　　Wireless.

　　Incident Response.

　　Forensics.

Part 2: PCI Breakdown (Control Objectives and Associated Standards).

　Chapter 3: Build and Maintain a Secure Network.

　　Requirement 1: Install and Maintain a Firewall Confi guration to Protect Cardholder Data.

　　Requirement 2: Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters.

　　Requirement A.1: Hosting Providers Protect Cardholder Data Environment.

　Chapter 4: Protect Cardholder Data.

　　Requirement 3: Protect Stored Cardholder Data.

　　PCI DSS Appendix B: Compensating Controls for Requirement 3.4.

　　Requirement 4: Encrypt Transmission of Cardholder Data Across Open Public Networks.

　Chapter 5: Maintain a Vulnerability Management Program.

　　Requirement 5: Use and Regularly Update Antivirus Software.

　　Requirement 6: Develop and Maintain Secure Systems and Applications.

　Chapter 6: Implement Strong Access Control Measures.

　　Requirement 7: Restrict Access to Cardholder Data by Business Need to Know.

　　Requirement 8: Assign a Unique ID to Each Person with Computer Access.

　　Requirement 9: Restrict Physical Access to Cardholder Data.

　Chapter 7: Regularly Monitor and Test Networks.

　　Requirement 10: Track and Monitor All Access to Network Resources and Cardholder Data.

　　Requirement 11: Regularly Test Security Systems and Processes.

　Chapter 8: Maintain an Information Security Policy.

　　Requirement 12: Maintain a Policy that Addresses Information Security.

Part 3: Strategy and Operations.

　Chapter 9: Assessment and Remediation.

　　PCI DSS Payment Card Industry Self-Assessment Questionnaire.

　　PCI DSS Security Audit Procedures.

　　PCI DSS Security Scanning Procedures.

　　Leveraging Self-Assessment.

　　Strategy and Program Development.

　Chapter 10: PCI Program Management.

　　Case for Strategic Compliance.

　　Who Should Be Involved Achieving PCI DSS Compliance for Our Organization?

PCI DSS Glossary, Abbreviations, and Acronyms.

References.

Resources.

Index.

Timothy M. Virtue, CISSP, CISA, CCE, CFE, CIPP/G, is an accomplished information security and risk management professional who specializes in the strategic application of information risk management methodologies to operational business goals and objectiv

暂无出版社相关信息，正在全力查找中！

暂无相关书籍摘录，正在全力查找中！

在线阅读地址：Payment Card Industry Data Security Standard Handbook支付卡行业数据安全标准手册在线阅读

在线听书地址：Payment Card Industry Data Security Standard Handbook支付卡行业数据安全标准手册在线收听

在线购买地址：Payment Card Industry Data Security Standard Handbook支付卡行业数据安全标准手册在线购买

暂无原文赏析，正在全力查找中！

书籍介绍

在线阅读本书

Clearly written and easy to use, Payment Card Industry Data Security Standard Handbook is your single source along the journey to compliance with the Payment Card Industry Data Security Standard (PCI DSS), addressing the payment card industry standard that includes requirements for security management, protection of customer account data, policies, procedures, network architecture, software design, and other critical protective measures. This all–inclusive resource facilitates a deeper understanding of how to put compliance into action while maintaining your business objectives.