PCI DSS: Payment Card Industry Data Security Standard

This online PCI DSS training course covers the basic aspects of the PCI Data Security Standard for handling credit card data and its impact on company operations. It’s designed for professionals working for companies that must comply with the PCI DSS.
Full access included with Insider Pro and Teams

Time: 3 H 7 M
Experience Level: beginner
CEUs: 4 (Earn qualifying credits for certification renewal with completion certificates provided for submission.)

Learners at 96% of Fortune 1000 companies trust Cybrary

Course Outline

  • Module 1: Introduction to Payment Card Industry Standards (0 H 10 Min)
  • Module 2: Merchants (0 H 11 Min)
  • Module 3: PCI/DSS Requirements (2 H 19 Min)
  • Module 4: Preparing For and Passing Your Audit (0 H 28 Min)
  • Course Assessment (0 H 30 Min)

  • 1.1 Course Introduction (Free, 2m)
  • 1.2 PCI/DSS (Free, 7m)
  • 2.1 Merchants (Free, 11m)
  • 3.1 PCI/DSS Goals and Requirements (Free, 10m)
  • 3.2 Requirement 1 Part 1 (Free, 10m)
  • 3.3 Requirement 1 Part 2 (Free, 10m)
  • 3.4 Requirement 2 (Free, 8m)
  • 3.5 Requirement 3 Part 1 (Free, 11m)
  • 3.6 Requirement 3 Part 2 (Free, 6m)
  • 3.7 Requirement 4 (Free, 4m)
  • 3.8 Requirement 5 (Free, 8m)
  • 3.9 Requirement 6 (Free, 14m)
  • 3.10 Requirement 7 (Free, 5m)
  • 3.11 Requirement 8 (Free, 11m)
  • 3.12 Requirement 9 (Free, 10m)
  • 3.13 Requirement 10 (Free, 8m)
  • 3.14 Requirement 11 (Free, 7m)
  • 3.15 Requirement 12 Part 1 (Free, 10m)
  • 3.16 Requirement 12 Part 2 (Free, 8m)
  • 4.1 Compensating Controls (Free, 7m)
  • 4.3 Prioritized Approach (Free, 4m)
  • 4.4 Scoping (Free, 9m)
  • 4.5 Summary (Free, 1m)

Course Description

Every organization that processes credit card payments has the Payment Card Industry Data Security Standard (PCI DSS) applied to it. If you work in an organization that accepts credit card payments, or that stores, processes, or transmits cardholder data, you must be aware of the requirements placed upon you by the payment card industry.

The PCI Data Security Standard is meant to protect the data of credit and debit cardholders and to minimize or eliminate data breaches and other security incidents. The PCI DSS has 12 high-level requirements involving the protection of payment card data during processing, storage, or transmission.

To be PCI compliant, entities must maintain secure internal operations, remediate insecure practices, and submit validation and/or compliance reports. Failure to comply with the PCI DSS can result in fines and/or penalties, the severity of which is defined by the individual payment card brands.

PCI DSS supplies a guide that describes all of the requirements an organization must meet for compliance. Many of the mandates in the document are open to interpretation and may not clearly define what is applicable to your organization. The document also does little to account for some of the intricacies associated with how payments are actually processed. And then there is the interpretation of compensating controls one must consider to determine if your company is meeting the spirit of the requirements.

The proliferation of online marketplaces and the increased ease of using secure applications to submit payments have made an understanding of PCI regulations a necessity for professionals throughout organizations. Information technology professionals will most likely have to operate and secure a payment card environment.

This course will explore all of the PCI requirements and touch on how they can be satisfied outright or via compensating controls. Upon completion of this course, students will obtain a deep understanding of how payment cards are processed, and they will also be able to determine what is considered in scope for an assessment and differentiate between compliance levels.

This course is meant to help you prepare your organization so that you are able to navigate all of the pitfalls that are associated with becoming a PCI compliant company. Upon completion, you will understand the PCI compliance mandates and how to properly prepare your environment so that you may successfully pass an audit.

What is PCI DSS?

The Payment Card Industry Data Security Standard, or PCI DSS, is a list of criteria mandated by the Payment Card Industry Security Standards Council with which organizations that handle credit card data must comply. Compliance with the PCI DSS is reviewed and validated for organizations quarterly or annually via an external audit. The PCI DSS was created to reduce credit card fraud by increasing the controls related to protecting cardholder data.

What is PCI DSS Compliance?

PCI DSS is a list of requirements that cover major payment card companies like Visa, MasterCard, Discover, American Express, and JCB. The list is comprised of 12 general data security requirements that all merchants must adhere to. Additionally, there are more than 200 supplementary requirements that apply to some merchants, depending on the company.

The 12 PCI DSS requirements dictate that merchants:

  • Install and maintain a firewall configuration to protect cardholder data.
  • Do not use vendor-supplied defaults for system passwords and other security parameters.
  • Protect stored cardholder data.
  • Encrypt transmission of cardholder data across open, public networks.
  • Use and regularly update antivirus software.
  • Develop and maintain secure systems and applications.
  • Restrict access to cardholder data by business need-to-know.
  • Assign a unique ID to each person with computer access.
  • Restrict physical access to cardholder data.
  • Track and monitor all access to network resources and cardholder data.
  • Regularly test security systems and processes.
  • Maintain a policy that addresses information security for employees and contractors.

What Does this PCI DSS Training Cover?

The PCI DSS was established to ensure the security of debit and credit cardholders’ information and to eliminate or significantly reduce security incidents and data breaches. The standard that has been set consists of 12 requirements that must be met by all entities that handle payment card transactions including the processing, storage, and transmission of card data. In order to remain in compliance, these entities must always maintain protected internal operations, resolve any insecure practices, and complete validation or compliance reports. If they are not in compliance with the current PCI DSS version, they may be fined or otherwise penalized.

The PCI DSS course was created because IT professionals working for organizations involved with payment cardholders’ data, in any manner, will likely be exposed to the operations and security of a payment card environment.

When you have completed the PCI training, you will have a good understanding of how payment card processing works, what is involved in a compliance assessment, and how to distinguish different compliance levels. Additionally, the course will prepare you to help your company maintain compliance with the PCI Security Standards Council and successfully pass an audit.

The PCI DSS course has a total of 3 hours and 37 minutes of clock time that you can work on at your own pace. You will receive a Certificate of Completion when you complete training.

Who Should Take the PCI DSS Training Course?

Cybrary’s Payment Card Industry Data Security Standard online class is intended to be taken by any professionals who are employed in corporate finance or at any entity that is involved in debit or credit card processing who need to be familiar with the fundamental aspects of the mandate. Additionally, the entire course can be taken by anyone who is interested in accounting, finance, IT, information or cyber security, or any other related fields.

Instructors

Timothy McLaurin
Director of Information Security at Wildcard Corp

Success from Our Learners

"Cybrary really helped me get up to speed and acquire a baseline level of technical knowledge. It offers a far more comprehensive approach than just learning from a book. It actually shows you how to apply cybersecurity processes in a hands-on way"

Don Gates

Principal Systems Engineer/SAIC

"Cybrary’s SOC Analyst career path was the difference maker, and was instrumental in me landing my new job. I was able to show the employer that I had the right knowledge and the hands-on skills to execute the role."

Cory

Cybersecurity analyst/

"I was able to earn my CISSP certification within 60 days of signing up for Cybrary Insider Pro and got hired as a Security Analyst conducting security assessments and penetration testing within 120 days. This certainly wouldn’t have been possible without the support of the Cybrary mentor community."

Mike

Security Engineer and Pentester/

"Becoming a Cybrary Insider Pro was a total game changer. Cybrary was instrumental in helping me break into cybersecurity, despite having no prior IT experience or security-related degree. Their career paths gave me clear direction, the instructors had real-world experience, and the virtual labs let me gain hands-on skills I could confidently put on my resume and speak to in interviews."

Cassandra

Information Security Analyst/Cisco Systems

"I was able to earn both my Security+ and CySA+ in two months. I give all the credit to Cybrary. I’m also proud to announce I recently accepted a job as a Cyber Systems Engineer at BDO... I always try to debunk the idea that you can't get a job without experience or a degree."

Casey

Cyber Systems Engineer/BDO

"Cybrary has helped me improve my hands-on skills and pass my toughest certification exams, enabling me to achieve 13 advanced certifications and successfully launch my own business. I love the practice tests for certification exams, especially, and appreciate the wide-ranging training options that let me find the best fit for my goals"

Angel

Founder,/ IntellChromatics.

Certificate of Completion

Complete this entire course to earn a PCI DSS: Payment Card Industry Data Security Standard Certificate of Completion