Kaplan IT540 Unit 5 Assignment

Unit 5 Assignment
Outcomes addressed in this activity:
· Assess the risk to information systems and data.
· Explain how encryption protects cardholder data at rest or in transit.
· Select physical security principles for a cardholder environment.
· Recommend cryptographic solutions for protecting cardholder data.
Course outcome:
IT540-4: Assess computer networks for regulatory compliance.
Instructions
Submit your project as the usual double-spaced, APA-styled report. At least four pages of material are expected beyond the title page, table of contents, abstract, and references page.
Part 1:
Scenario: You visit a retail establishment, shop around, and finally carry several products to one of the point-of-sale (POS) terminals distributed openly around the store. You produce a credit card, the sales clerk processes the transaction, bags your goods, and hands you the receipt. On your way to the exit, a store employee asks to see your receipt and checks the contents of the store bag. Document each of the major events just described and explain them in terms of the PCI compliance standard. Include this report in your weekly assignment.
Part 2:
This project will cover PCI. Please refer to Figure B-1 in Doc Sharing.
Answer the following questions in essay style:
Q1. Suppose HGA’s mainframe (Figure B-1 in Doc Sharing) stored cardholder data in the private databases. What steps should be taken to protect that data in order to be PCI compliant?
Q2. HGA’s mainframe has network connectivity. Assuming that cardholder data is transmitted across these networks, describe how it should be protected in transmission.
Q3. Users are located at various sites connected to the HGA network. Suggest appropriate access controls to restrict unauthorized users from looking at cardholder data.
Q4. The PCI specification notes that all systems and network devices connected to a system that stores, transmits or processes cardholder data are in scope and must comply with PCI specifications. To avoid having the whole network subject to PCI specifications, how would you segment the network to reduce the scope of compliance?
Assignment Requirements:
· Answers contain sufficient information to adequately answer the questions.
