Nt1330 Unit 6 Assignment

Words: 1041
Pages: 5
Open Document
Part 1

Scenario: You visit a retail establishment, shop around, and finally carry several products to one of the point of sale (POS) terminals distributed openly around the store. You produce a credit card, the sales clerk processes the transaction, bags your goods, and hands you the receipt. On your way to the exit, a store employee asks to see your receipt and checks the contents of the store bag. Document each of the major events just described and explain them in terms of the PCI compliance standard. Include this report in your weekly assignment.

This retail establishment will need to meet the Payment Card Industry Data Security Standard. There are twelve main functionalities of PCI DSS.
Requirement 1:.PCI DSS requires a firewall …show more content…
Requirement 6: Application that have client data should be secured with application ids and passwords. All applications should be maintained by system administrators
Requirement 7: Only persons with a need to know will access the client data environment no exceptions!
Requirement 8: Each person requiring access must have an ID.
Requirement 9: The physical environment where cardholder data will be stored should be secured with cameras, pin protect doors, and etc.
Requirement 10: There will be a paper trail on who, when and what was accessed.
Requirement 11: Penetration testing should be done to ensure all security protocols are up to date
Requirement 12: Every employee will be trained and briefed on security policies on how to handle cardholder data regularly (Chuvakin, A. …show more content…
A firewall is required within requirement one to secure “always-on” connections. There will be a firewall implemented between the cardholder data system and wireless network. Each firewall configured will deny or control all traffic being communicated between wireless and cardholder data setting. Wireless encryption protocol is prohibited in order to be PCI DSS compliant. All weak keys should ne disabled and TLS 1.1 or better should be implemented. PCI DSS requires that all systems are malware protected and system antivirus updates are performed routinely (Calder, Carter, 2008).

3. Users are located at various sites connected to the HGA network. Suggest appropriate access controls to restrict unauthorized users from looking at cardholder data.
Every user will need a unique Identifier and network password for access according to requirement eight. Two factor authentication can be added as an extra layer of security onto the network and passwords shouldn’t be readable. For example you could issue those authorized users a token to use in order to access cardholder data when signing in. They’ll use both password and token number to sign on. Requirement seven requires card holder data to only be accessed by those with a need to know. Strong cryptography should be used when transmitting passwords across the
Show More

Related Documents: Nt1330 Unit 6 Assignment

Nt1330 Unit 6 Assignment

2.2 Ideation Canvas People: Users who are involved in the interaction with each other. Customer is the main user who is using the application most. Agent also uses the application to post any hoarding details online for booking purpose. Some private party also owns some hoardings so they can also use for putting their hoarding for customers. Business persons can refer the application for further assistance to promote their products via advertisement. Corporate customer would constantly following…

Words 1376 - Pages 6

Nt1330 Unit 6 Assignment

that Excel files gives you the ability to see who is the last to modify the data. In the business function that I described is important that only the authorized have the ability to change the data. Since the employees need to know what their work assignment is for that day, they need access to the schedule, but does not need to change the data. This must be a manager decision on changing the employee’s duties for that day. Therefore, we place the schedule on a Share…

Words 1343 - Pages 6

Nt1330 Unit 6 Assignment

Now my team would be responsible for selling all products that Skillsoft offers such as leadership, business, desktop, and project management. We were still able to sell the compliance products we were used to, 2 UNIT 6 ASSIGNMENT but now we were responsible for knowing enough about all the other products as well to be able to sell them to meet a quota. The Seven Phases of Change Management Establishing the need for change I established the need for change by having an…

Words 878 - Pages 4

Nt1330 Unit 6 Assignment

20. I am assigned to build a programming application that involves numbers and calculations: [Being good with figures] a. I am not so good with such matters. 4 b. When numbers are involved, I get stressed. 3 c. I can remember difficult numbers. 2 d. I can manage without difficulties. 1 21. A technical issue arises concerning the company’s servers: [Application of professional techniques, entrepreneurial thinking] a. I usually know everything. 4 b. I assign it to another co-worker that is more appropriate…

Words 1314 - Pages 6

Nt1330 Unit 6 Assignment 1

Task 6 FTP server is an application that run the FTP. File Transfer Protocol (FTP) is a protocol that use TCP/IP connection to transmit files between computers (client and server) on the internet. Briefly FTP is an internet services that helps to establish the connection to a server or computer. In order to access the FTP server the client need to be connected to the internet via LAN, modem or any other transmission media. Most commonly FTP vulnerability such as Bounce Attack, Spoof Attack, Packet…

Words 560 - Pages 3