Training

Two Day PCI DSS Technical

Delivered from the perspective of an experienced Qualified Security Assessor (QSA), this two-day educational seminar provides delegates with the opportunity to gain a thorough understanding of the PCI DSS. The course aims to cover the following areas:

  • A general introduction to the PCI DSS
  • An overview of related standards: PA-DSS, PTS DSS, P2PE
  • A typical project lifecycle, including scoping, gap analysis, assessment and remediation
  • An understanding of how PCI DSS Compliance is validated
  • Typical compliance pitfalls
  • Providing the knowledge to make informed decisions and manage compliance programmes
  • An in-depth review of each PCI DSS Requirement, exploring the logic behind each section
  • Relevant security topics and emerging technologies
  • Interactive Q&A summaries, providing the opportunity to discuss issues specific to your business and environment

The thorough review of the standard is further enriched through the use of case studies and small group activities. Each delegate will be provided with an extensive training manual.

For enquiries, please get in touch with us via training@foregenix.com

Agenda

Day One

  • Module 1: Overview of the PCI DSS
  • Module 2: Security Breaches Overview
  • Module 3: PCI DSS and Related Standards
  • Module 4: Applicability and Scope
  • Module 5: Compliance and Validation
  • Module 6: Payment Brands Compliance Programs
  • Module 7: Industry Players & Transaction Lifecycle
  • Module 8: Cardholder Data: Finding and Eliminating Prohibited Data
  • Module 9: Compensating Controls
  • Module 10: PCI SSC QA Program
  • Module 11: Approved Scanning Vendors
  • Module 12: New Standard and Emerging Technologies
    • Module 12.1: Data Field Encryption / E2EE / P2PE
    • Module 12.2: Wireless Network Guidelines
    • Module 12.3: Virtualization and Cloud Computing
    • Module 12.4: Tokenization
  • Module 13: Call Centres
    • Module 13.1: Desktop Environment Scope
    • Module 13.2: Call Recordings - SAD Data
  • Module 14: Risk Assessment Module
  • Module 15: Q&A

Day Two

  • An in-depth review of PCI DSS Requirements 1-12 (one module per requirement)
  • ROC Reporting Instructions
  • Navigating PCI DSS: Understanding the Intent of the Requirements
  • Q&A