Week 2 Homework
To be in compliance with PCI DSS, Yield more must do the following: build and maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks, and maintain an information security policy. To remain in compliance with PCI DSS, I recommend the following. For the control objective of building and maintaining a secure network, I recommend that we install and maintain a firewall configuration to protect cardholder data and do not use vendor-supplied defaults for system passwords and other security parameters.
The second control objective is to protect cardholder data. I recommend that we protect stored cardholder data by encrypting transmission of cardholder data across open, public networks. The third control objective is to maintain a vulnerability management program by using and regularly updating anti-virus software to a current virus definition and by developing and maintaining secure systems and applications. The fourth control objective is to implement strong access control measures. This can be done by restricting access to cardholder data by business need-to-know, assigning a unique ID to each person with computer access, and restricting physical access to cardholder data. The fifth control objective is to regularly monitor and test networks. This can be done by tracking and monitoring all access to network resources and cardholder data and regularly testing security systems. The sixth control objective is to maintain an information security policy. I recommend that we maintain a policy that addresses information security for all personnel.
I justify these practices because, if you do not do what I recommend, the result could be disastrous: compromised data negatively affects consumers, merchants, and financial institutions, and one incident can severely damage your reputation and your