Anti-virus and Malicious Code Policy Overview

Questions and Answers

What is the primary aim of the Anti-virus and Malicious Code Policy?

• Protecting networks and devices from various forms of malicious software (correct)
• Enforcing strict controls on obtaining files and software from external networks
• Requiring regular scanning for viruses and malware
• Defining roles and responsibilities for different personnel

Who is responsible for providing timely updates and support for the anti-virus solution?

• Third-party vendors (correct)
• IT security manager
• Users
• Server administrators

What is required for all systems connected to the network running any version of Microsoft Windows?

• Regular scanning for viruses
• Installation of an anti-virus solution (correct)
• Strict controls on obtaining files and software from external networks
• A risk assessment for other operating systems

What are users required to do regarding unsolicited or suspicious emails?

Be vigilant and report any suspected or detected viruses immediately (A)

What is the consequence of policy violations according to the policy?

Possibility of disciplinary action (B)

What is mandated for obtaining files and software from external networks?

Strict controls (B)

Who are the defined roles and responsibilities for, according to the policy?

Client, server, and anti-virus administrators, IT security manager, users, and third-party vendors (A)

What is required for systems running any version of Microsoft Windows, and what is required for other operating systems?

Anti-virus solution installed; risk assessment (C)

What are the specific guidelines provided for regarding anti-virus scanning and configuration?

Proactive and periodic scanning for viruses and scanning of files received on removable media (C)

Study Notes

Anti-virus and Malicious Code Policy Overview

• The policy aims to protect networks and devices from malicious software, including viruses, worms, Trojans, spyware, and malware.
• It is designed to minimize the impact on business in case of a malicious software breach and to meet PCI DSS requirements.
• The policy applies to all information processing facilities and mobile computing devices under the company's control, including workstations, servers, and other technology.
• Roles and responsibilities are defined for client, server, and anti-virus administrators, IT security manager, users, and third-party vendors.
• The policy mandates the use of approved anti-virus software, regular scanning for viruses, and strict controls on obtaining files and software from external networks.
• Users are required to be vigilant against unsolicited or suspicious emails, scan media from unknown sources for viruses, and report any suspected or detected viruses immediately.
• The policy requires third-party vendors to provide timely updates and support for the anti-virus solution on a 24x7 basis.
• Specific guidelines are provided for anti-virus scanning and configuration, including proactive and periodic scanning for viruses and scanning of files received on removable media.
• All systems connected to the network running any version of Microsoft Windows must have an anti-virus solution installed, and a risk assessment is required for other operating systems.
• Different anti-virus solutions are recommended for gateway virus scanning and email content scanning, with specific requirements for scanning web traffic and email attachments.
• Enforcement measures include the possibility of disciplinary action for policy violations, with deviations permitted only with a valid business case reviewed and approved by the Security Management Team and/or Legal Counsel.
• The policy references the Payment Card Industry Data Security Standard (PCI DSS) as part of its requirements.