Index
Cover Title page Table of Contents Copyright Foreword Acknowledgments
Chapter 1: About PCI DSS and this book
Abstract Who should read this book? How to use the book in your daily job What this book is not Organization of the book Summary
Chapter 2: Introduction to fraud, data theft, and related regulatory mandates
Abstract Summary
Chapter 3: Why is PCI here?
Abstract What is PCI DSS and who must comply? PCI DSS in depth Quick overview of PCI requirements PCI DSS and risk Benefits of compliance Case study Summary
Chapter 4: Determining and reducing the PCI scope
Abstract The basics of PCI DSS scoping The “gotchas” of PCI scope Scope reduction tips Planning your PCI project Case study Summary
Chapter 5: Building and maintaining a secure network
Abstract Which PCI DSS requirements are in this domain? What else can you do to be secure? Tools and best practices Common mistakes and pitfalls Case study Summary
Chapter 6: Strong access controls
Abstract Which PCI DSS requirements are in this domain? What else can you do to be secure? Tools and best practices Common mistakes and pitfalls Case study Summary
Chapter 7: Protecting cardholder data
Abstract What is data protection and why is it needed? Requirements addressed in this chapter PCI requirement 3: Protect stored cardholder data Requirement 3 walk-through What else can you do to be secure? PCI requirement 4 walk-through Requirement 12 walk-through Appendix A of PCI DSS How to become compliant and secure Common mistakes and pitfalls Case study Summary
Chapter 8: Using wireless networking
Abstract What is wireless network security? Where is wireless network security in PCI DSS? Why do we need wireless network security? Tools and best practices Common mistakes and pitfalls Case study Summary
Chapter 9: Vulnerability management
Abstract PCI DSS requirements covered Vulnerability management in PCI Requirement 5 walk-through Requirement 6 walk-through Requirement 11 walk-through Internal vulnerability scanning Common PCI vulnerability management mistakes Case study Summary
Chapter 10: Logging events and monitoring the cardholder data environment
Abstract PCI requirements covered Why logging and monitoring in PCI DSS? Logging and monitoring in depth PCI relevance of logs Logging in PCI requirement 10 Monitoring data and log for security issues Logging and monitoring in PCI—all other requirements PCI DSS logging policies and procedures Tools for logging in PCI Other monitoring tools Intrusion detection and prevention Integrity monitoring Common mistakes and pitfalls Case study Summary
Chapter 11: PCI DSS and cloud computing
Abstract Cloud basics PCI cloud examples So, can I use cloud resources in PCI DSS environments? More cloud for better security and compliance? Maintaining and assessing PCI DSS in the cloud Cloud and PCI DSS in depth Summary
Chapter 12: Mobile
Abstract Where is mobility addressed in PCI DSS 3.0? What guidance is available? How does PA-DSS 3.0 fit? Deploying the technology safely Case study Summary
Chapter 13: PCI for the small business
Abstract The risks of credit card acceptance New business considerations Your POS is like my POS! A basic scheme for SMB hardening Case study Summary
Chapter 14: Managing a PCI DSS project to achieve compliance
Abstract Justifying a business case for compliance Bringing the key players to the table Budgeting time and resources Educating staff Project quickstart guide The PCI DSS prioritized approach The Visa TIP Summary
Chapter 15: Don’t fear the assessor
Abstract Remember, assessors are there to help Dealing with assessors’ mistakes Planning for remediation Planning for reassessing Summary
Chapter 16: The art of compensating control
Abstract What is a compensating control? Where are compensating controls in PCI DSS? What a compensating control is not Funny controls you didn’t design How to create a good compensating control Case studies Summary
Chapter 17: You’re compliant, now what?
Abstract Security is a process, not an event Plan for periodic review and training PCI requirements with periodic maintenance PCI self-assessment Case study Summary
Chapter 18: Emerging technology and alternative payment schemes
Abstract New payment schemes Predictions Taxonomy and tidbits Case study Summary
Chapter 19: Myths and misconceptions of PCI DSS
Abstract Myth #1 PCI doesn’t apply to me Myth #2 PCI is confusing and ambiguous Myth #3 PCI DSS is too onerous Myth #4 breaches prove PCI DSS irrelevant Myth #5 PCI is all we need for security Myth #6 PCI DSS is really easy Myth #7 my tool is PCI compliant thus I am compliant Myth #8 PCI is toothless Case study Summary
Index