Anti-virus and Malicious Code Policy Overview

Questions and Answers

What is the primary aim of the Anti-virus and Malicious Code Policy?

• To monitor the web traffic of all network users
• To enhance the speed of network gateways and servers
• To protect networks, information processing facilities, and mobile devices from malicious software (correct)
• To provide support and guidance to third-party vendors

Who is responsible for being vigilant against suspicious emails and reporting any suspected or detected viruses to the IT helpdesk?

• IT security manager
• Users (correct)
• Third-party vendors
• Anti-virus administrators

What is mandated for proactive and periodic scanning for viruses?

• Continuous monitoring of all network traffic
• Quarterly manual scanning of all devices
• Automated updates and scheduled checks of files (correct)
• Real-time virus detection and removal

Which platforms require anti-virus configuration according to the policy?

Systems running Microsoft Windows and Linux/Unix operating systems (C)

What are the specific requirements for anti-virus protection for workstations, laptops, and servers?

Automated updates and scheduled checks of files (B)

What is required for enforcement of the policy in case of deviation?

A valid business case reviewed and approved by the Security Management Team and/or Legal Counsel (A)

What is the responsibility of third-party vendors according to the policy?

Provide updates in a timely manner and offer support and guidance as necessary (D)

What is emphasized in the policy regarding obtaining files from external networks?

Strict controls (C)

What are the different anti-virus solutions required for according to the policy?

Gateway virus scanning and email content scanning (C)

Study Notes

Anti-virus and Malicious Code Policy Overview

• The policy aims to protect all networks, information processing facilities, and mobile devices from malicious software, including viruses, worms, Trojans, and spyware.
• It is designed to minimize the impact of malicious software on business and to comply with PCI DSS requirements.
• The scope covers all information processing facilities and mobile devices under the company's control, including network gateways, laptops, workstations, servers, and other mobile technology.
• The policy outlines the roles and responsibilities of client, server, and anti-virus administrators, IT security manager, users, and third-party vendors.
• It emphasizes the need for approved anti-virus software installation and regular updates, strict controls on obtaining files from external networks, and monitoring the effectiveness of anti-virus software.
• Users are responsible for being vigilant against suspicious emails, scanning media from unknown sources for viruses, and reporting any suspected or detected viruses to the IT helpdesk.
• Third-party vendors are required to provide updates in a timely manner and offer support and guidance as necessary.
• The policy mandates proactive and periodic scanning for viruses and scanning of files received on removable media from outside the trusted network.
• It specifies the platforms requiring anti-virus configuration, including systems running Microsoft Windows and Linux/Unix operating systems.
• Workstations, laptops, and servers have specific requirements for anti-virus protection, including automated updates and scheduled checks of files.
• Different anti-virus solutions are required for gateway virus scanning and email content scanning, with specific protocols for scanning web traffic and email attachments.
• Enforcement of the policy involves disciplinary action for employees found to have violated it, with deviation permitted only with a valid business case reviewed and approved by the Security Management Team and/or Legal Counsel.