Pluralsight – PCI DSS: Restricting Access to Cardholder Data 2024-10

PCI DSS course: Restricting Access to Cardholder Data. The key to achieving PCI DSS compliance is to fully understand each subset of requirements and how to evaluate them. In this course, you will learn how to interpret PCI DSS requirements 7, 8, and 9 and implement them in your organization. First, you’ll learn how PCI DSS defines role-based access and the minimum access and need-to-know principle. Next, you’ll review the lengthy and detailed requirements for usernames, passwords, and multi-factor authentication. You will then explore the requirements for protecting cardholder data in physical form – written on paper and stored on electronic media. Finally, you’ll get practical insights into both requirements from experienced PCI assessors. After completing this course, you will have the skills and knowledge to apply PCI DSS requirements 7, 8, and 9 to any organization’s environment and determine whether it meets the requirements of the standard.

What you will learn

• Understanding how access roles are defined based on the principle of least access and need to know in PCI DSS
• Review lengthy and detailed requirements for usernames, passwords, and multi-factor authentication
• Examining requirements related to the protection of cardholder data in physical form, such as hard copies and stored in electronic media
• Gain practical insights on both requirements from experienced PCI assessors
• Ability to assess the organization’s compliance with requirements 7, 8 and 9 of the PCI DSS standard

This course is suitable for people who

• Responsible for implementing and maintaining PCI DSS compliance.
• Looking for a deep understanding of cardholder data access requirements.
• They want to ensure that their organization is protecting sensitive customer data well.
• They work in the field of information security and data protection.