Fall 2022 PCI DSS (Payment Card Industry Data Security Standard) Training

Starts:  Nov 10, 2022 09:00 (ET)
Ends:  Nov 11, 2022 17:00 (ET)
Associated with  New York Metropolitan Chapter

Class registration closes on November 1st, 2022 at 08:30 pm. No exceptions are made.


Note: Due to COVID-19, this event will be online only.
"Please register for this class using a private email address (Gmail, Yahoo, AOL, Hotmail) and not your organization's email address. Many organizations block emails with attachments and block Webex links."


Dates and Times: All times are New York time (Eastern Standard Time).
November 10th, 2022, 9:00 AM - 5:00 PM EST
November 11th, 2022, 9:00 AM - 5:00 PM EST


Prerequisite: Experienced IT control, audit, or security professionals.

Benefits of this class:
Overview:  Payment Card Industry (PCI) compliance is mandated by credit card companies to help ensure the security of credit card transactions. This comprehensive 2-day PCI security training course can help you understand how to adequately protect customer card data and meet PCI DSS (Payment Card Industry Data Security Standard) requirements.  Understanding the 12 requirements of PCI and best practices for handling card data is critical to properly comply with PCI. This course will discuss both the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card processing transactions. 

Course outline:

I. PCI DSS

a. Background

b. Who PCI applies to

c. Key entities 

II. PCI Considerations

a. Compensating controls

b. Segmentation

c. ROC

III. PCI Requirements

a. Build and Maintain a Secure Network and Systems

 i. Firewall configuration

 ii. Vendor defaults

b. Protect Cardholder Data

 i. Controls for cardholder data

 ii. Encryption

c. Maintain a Vulnerability Management Program

 i. Malware controls

 ii. Secure systems

d. Implement Strong Access Control Measures

 i. Access controls

 ii. Authentication

 iii. Physical security

e. Regularly Monitor and Test Networks

 i. Access to network and cardholder data

 ii. Testing security systems and processes

f. Maintain an Information Security Policy

 i. Information security for all personnel

IV. Summary


Instructor:  Ms. Tanya Baccam, CPA, CISSP, GCIH, GPPA, GSEC, CISA, CISM, CITP, OCP DBA
Tanya is an experienced information security consultant and senior SANS instructor. She has consulted with a variety of clients about their security architecture in areas such as perimeter security, network infrastructure design, system audits, Web server security, Web application assessments, risk assessments, penetration testing, and database security. She has played an integral role in developing multiple business applications in roles ranging from director of assurance services for a security services consulting firm and manager of infrastructure security for a healthcare organization to manager at Deloitte. She currently holds CPA, GIAC GCIH, CISSP, CISM, CITP, CISA, CCNA, and OCP DBA certifications.

Laptop Required
Students are required to have a laptop in order to complete the hands-on exercises. The laptop should meet the following specifications for the student to get the most from the exercises:
     • USB port
     • 8 GB RAM or higher
     • 25 GB available hard drive space
     • Windows 7 Professional or later (Home or similar editions will not have some of the features needed.)
     • Administrator privileges, including the capability to install and run tools, as well as disable anti-virus
     • VMware Player should be installed

Who should attend (target audience):
• Internal Auditors, IT Specialist Auditors, IT Auditors, IT Audit Managers, Information System Auditors, Information System Managers, Information Technology Auditors, Information Security Officers, Consultants

Course Material: This will be sent out prior to the class via email.


Important: Anyone who fails to make a payment online will not be considered an attendee. 

CPE Credits: 14
Capacity: webinar - 25 people.

Live broadcast webinar location: Anywhere in the world
Refund Policy: 100% refund before October 5th, 2022. A refund must be requested in writing and will not be accepted after the said date. Please modify your registration with your confirmation number.

Very Important: 


  • CPE credits can be applied toward each ISACA designation that is held. Full CPE credits will be awarded only if all sections of Preparation classes have been attended.
  • Webinar sessions are not being recorded - it's a live broadcast.
  • If a choice is offered, you cannot switch between onsite and online sessions once you have decided.
  • Webinar access instructions are provided prior to the first day of class.
  • For webinar attendees: for the best result, please use a PC or laptop.