Fundamentals of PCI-DSS v4.0.0
Learn everything about the Payment Card Industry Data Security Standards, including assessment and the 12 requirements.
4.67 (1764 reviews)
10 664
students
23 hours
content
Apr 2025
last update
$84.99
regular price
What you will learn
You'll learn about the terminology essential to the PCI-DSS, such as CDE, CHD, SAD, PANs, SAQs, ROCs, QSAs, as well as other payment industry terms
You'll learn about the history of the PCI-DSS and its major revisions
You'll learn about how the assessment process works, with ROCs and SAQs, and a clarification of the 8 types of SAQs
You'll learn everything about Requirement 1, involving having a firewall configuration to isolate your card data, network documentation and more
You'll learn everything about Requirement 2, including changing vendor defaults, isolating server functionality and securing vulnerabilities in devices
You'll learn everything about Requirement 3 in terms of securing stored data, including encryption protocols, key lifecycle, key management and more
You'll learn everything about Requirement 4, protecting data in transit, including masking plaintext PANs and using strong encryption protocols such as WPA/WPA2
You'll learn everything about Requirement 5, in terms of preventing malware through an antivirus solution that is frequently updated and frequently runs scans
You'll learn everything about Requirement 6, in terms of developing securely, doing regular vulnerability assessment and patching
You'll learn everything about Requirement 7, in terms of limiting access to card data by "need-to-know", minimising who accesses it formally
You'll learn everything about Requirement 8, in terms of identifying access through unique user IDs, strong authentication and MFA, password practices and more
You'll learn everything about Requirement 9, in terms of physical security, visitor identification/authorisation, as well as media storage/transport/destruction
You'll learn everything about Requirement 10, in terms of having a logging solution, logging specific required events, specific data points, and log integrity
You'll learn everything about Requirement 11, in terms of doing regular AP (authorised + rogue) and IP audits, vulnerability testing, pentesting, etc
You'll learn everything about Requirement 12, in terms of having a company-wide InfoSec policy, including employee screening, third-party screening, etc
Course Gallery
Loading charts...
Comidoc Review
Our Verdict
This course offers a comprehensive understanding of Payment Card Industry Data Security Standards, making it invaluable for professionals working in cybersecurity and compliance. It distinguishes itself from other similar courses by diving deep into the topic's complexities using vivid explanations, real-life examples, quizzes, and the latest v4.0.0 updates. Occasional repetition and minimal global updates post-2025 are minor shortcomings in an otherwise engaging and informative course.
What We Liked
- In-depth coverage of PCI-DSS v4.0.0 with 23 total hours of content
- Real-world examples and case studies for improved understanding
- Logical course structure, allowing easy implementation of acquired knowledge
- Detailed explanation of the 12 requirements, including encryption protocols, unique user IDs, logging solutions, AP audits, and more
- Explanation of complex terminology in clear and concise terms
Potential Drawbacks
- Some repetition in course material according to a few recent reviewers
- Minimal mention of global updates in PCI-DSS after 2025 (this might not be an issue depending on the release date of the course)
- Limited number of hands-on exercises or practical work with PCI-DSS tools
Related Topics
4384822
udemy ID
06/11/2021
course created date
15/11/2021
course indexed date
Bot
course submited by