Showing posts from November, 2022
OVERVIEW OF PCI SSC DATA SECURITY STANDARDS

In an effort to enhance payment card data security, the PCI Security Standards Council (SSC) provides comprehensive standards and supporting materials, which include specification frameworks, tools, measurements, and support resources to help organizations ensure the security of cardholder information at all times. The PCI DSS is the cornerstone of the council's work, as it provides the framework for developing a complete payment card data security process that encompasses prevention, detection, and appropriate reaction to security incidents.

Tools and Resources Available from PCI SSC:
Self-Assessment Questionnaires to assist organizations in validating their PCI DSS compliance.
PIN Transaction Security (PTS) requirements for device vendors and manufacturers, and a list of approved PIN transaction devices.
Payment Application Data Security Standard (PA-DSS) and a list of Validated Payment Applications to help software vendors
5 Types of Evidence and How to Use Them in a Workplace Investigation

Character Evidence
Character evidence is testimony or a document used to help prove that someone acted in a particular way based on the person's morals, personality, or propensities. While this cannot be used to prove that a person's behavior at a certain time was consistent with his or her character, it can be used in some workplace investigations to prove intent, motive, or opportunity.

Demonstrative Evidence
This type of evidence includes items that directly demonstrate a fact. Demonstrative evidence falls into two categories:
Physical evidence: pieces of evidence you can see and touch, such as a sack of stolen inventory found in the employee's locker.
Illustrative evidence: charts, graphs, photos, models, or recordings, such as a video of an employee harassing another employee.
This is one of the most reliable types of evidence to use in your investigation. While there are some cases where de
Complete List of Cyber Security Standards

The foremost aim of formulating cybersecurity standards is to improve the security of the IT infrastructure and IT products used in organizations. Here, I am listing a comprehensive set of standards that help you understand the benchmarks in IT security.

1. Information security management system (ISMS) (ISO/IEC 27000 family): a set of guidelines for maintaining infrastructure, mainly the company's data centers, according to certain legal, technical and physical policies, to ensure the confidentiality, integrity, and availability of the data residing in those data centers. It consists of ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27003, ISO/IEC 27004, ISO/IEC 27005, ISO/IEC 27006, and ISO/IEC 27007.

2. Common Criteria (ISO/IEC 15408): This standard mainly deals with the certification of IT products. It ensures the evaluation of IT products based on a set of approving standards that are widely followed by ind