Return to course: Log Management for PCI DSS Compliance
Log Management for PCI DSS Compliance
Part 1: What Is Log Management?
Introduction to Log Management
Intro to Log Management Quiz
Part 2: Security Events That Must Be Logged
Requirement 10.2.x: What Must Be Logged
Security Events Quiz
Part 3: Protect Audit Logs
Requirement 10.3.x Protect Audit Logs
Protect Audit Logs Quiz
Part 4: Review & Retain Audit Logs
Requirement 10.4.x & 10.5.x: Review and Retain Audit Logs
Review and Retain Logs - Quiz
Part 5: Detect, Report, and Respond
Requirement 10.7.x: Detect, Report, Respond
Detect, Report, and Respond Quiz
Part 6: Requirement 10 Interdependencies
Requirement Interdependencies Quiz
Review and Retain Logs – Quiz
Regular log reviews mean (select all that apply)
Incidents can be quickly identified
Incidents can be proactively addressed.
Minimizes the amount of time and exposure of a potential breach
Security events are required to be reviewed once a week
The following audit logs must be reviewed daily (select all that apply)
All security events
Logs of all system components that store, process, or transmit CHD and/or SAD.
The number of transactions for each point of sale device
Logs of all critical system components.
Logs from all network security controls
Logs must be retained for 12 months