Jones & Bartlett Lecture Presentation and Assignment: PCI DSS and the Seven Domains
1a) Find one control from NIST 800-53 (latest version) that pertains to this PCI Goal (GOAL 1: Build and maintain a secure network that is PCI DSS compliant).
b) How will the security control you selected mitigate risks identified in this goal?
c) What are the criteria for measuring the control you selected, to ensure it is properly implemented? In other words, how will the security control be evaluated?
(Hint: See NIST Special Publication 800-53A for how they assess the controls)
- Please use your own words to describe the control and the criteria for measuring the control.
Most importantly, describe why the control you selected pertains to this PCI Goal.
2a) Find one control from NIST 800-53 (latest version) that pertains to this PCI Goal (GOAL 2:Protect cardholder data).
b) How will the security control you selected mitigate risks identified in this goal?
c) What are the criteria for measuring the control you selected, to ensure it is properly implemented? In other words, how will the security control be evaluated?
(Hint: See NIST Special Publication 800-53A for how they assess the controls)
- Please use your own words to describe the control and the criteria for measuring the control.
Most importantly, describe why the control you selected pertains to this PCI Goal.
3 a) Find one control from SANS Top 20 Critical Security Controls that pertains to this PCI Goal (GOAL 3:Maintain a vulnerability management program).
b) How will the security control you selected mitigate risks identified in this goal?
c) What are the criteria for measuring the control you selected, to ensure it is properly implemented? In other words, how will the security control be evaluated?
- Please use your own words to describe the control and the criteria for measuring the control.
Most importantly, describe why the control you selected pertains to this PCI Goal.
4a) Find one control from NIST 800-53 (latest version) that pertains to this PCI Goal (GOAL 4:Implement strong access control measures).
b) How will the security control you selected mitigate risks identified in this goal?
c) What are the criteria for measuring the control you selected, to ensure it is properly implemented? In other words, how will the security control be evaluated?
(Hint: See NIST Special Publication 800-53A for how they assess the controls)
- Please use your own words to describe the control and the criteria for measuring the control.
Most importantly, describe why the control you selected pertains to this PCI Goal.
5a) Find one control from SANS Top 20 Critical Security Controls that pertains to this PCI Goal (GOAL 5:Regularly monitor and test networks).
b) How will the security control you selected mitigate risks identified in this goal?
c) What are the criteria for measuring the control you selected, to ensure it is properly implemented? In other words, how will the security control be evaluated?
- Please use your own words to describe the control and the criteria for measuring the control.
Most importantly, describe why the control you selected pertains to this PCI Goal.
6a) Find one control from NIST 800-53 (latest version) that pertains to this PCI Goal (GOAL 6:Maintain an information security policy).
b) How will the security control you selected mitigate risks identified in this goal?
c) What are the criteria for measuring the control you selected, to ensure it is properly implemented? In other words, how will the security control be evaluated?
(Hint: See NIST Special Publication 800-53A for how they assess the controls)
- Please use your own words to describe the control and the criteria for measuring the control.
Most importantly, describe why the control you selected pertains to this PCI Goal.
NOTE
APA reminders - In your Discussions and Assignments -
* Use less than 10% direct quotes
* Quotes over 40 words not allowed in this classes (by exception only ahead of time)
* Every quote needs a specific page or paragraph number
* Ideas and concepts from articles on websites need to be re-written in your own thoughts, vocabulary, and ideas and not simply paraphrased.
Microsoft Word document with double spacing, 12-point Times New Roman font, and one-inch margins.
Make sure you cite if you take a piece of someone's work, very important and your reference should relate to your writing (don't cite a reference because it relates to the course and not this very paper) at least 4 current and relevant academic references.
No heavy paraphrasing of others work.
Format references into the APA style if necessary. Extremely important. Intext citations is very essential and highly needed as well.