9 Questions
According to the policy, all systems running Microsoft Windows and Linux/Unix operating systems connected to the network must have anti-virus protection.
True
The policy mandates proactive and periodic virus scanning, scanning of new code before production, and scanning files from external sources.
True
Workstations and laptops must have continuous anti-virus protection and regular updates, with alternative arrangements for laptops outside the trusted network.
True
Servers must undergo scheduled checks and scans of files, while a different anti-virus solution is required for network gateway and mail servers.
True
The policy requires approved anti-virus software installation, constant monitoring, and strict control over external files and software.
True
According to the policy, any employee violating the policy may face disciplinary action, and deviations are only permitted with a valid business case reviewed and approved by the Security Management Team and/or Legal Counsel.
True
The policy references the Payment Card Industry Data Security Standard (PCI DSS) as part of its requirements.
True
Third Party Vendors are responsible for providing timely updates and support for anti-virus software.
True
The policy applies only to company-controlled devices and equipment connecting to the company network.
False
Study Notes
Anti-virus and Malicious Code Policy Overview
- The policy aims to protect all networks, information processing facilities, and mobile computing devices from viruses, worms, Trojans, spyware, and malware.
- It is created to meet PCI DSS requirements and applies to all company-controlled devices and equipment connecting to the company network.
- The policy outlines roles and responsibilities for Client, Server, and Anti-Virus Administrators, IT Security Manager, Users, and Third Party Vendors.
- It requires approved anti-virus software installation, constant monitoring, and strict control over external files and software.
- Users are responsible for scanning suspicious emails and media, avoiding unapproved software, and reporting any virus incidents to the IT Helpdesk.
- Third Party Vendors are responsible for providing timely updates and support for anti-virus software.
- The policy mandates proactive and periodic virus scanning, scanning of new code before production, and scanning files from external sources.
- All systems running Microsoft Windows and Linux/Unix operating systems connected to the network must have anti-virus protection.
- Workstations and laptops must have continuous anti-virus protection and regular updates, with alternative arrangements for laptops outside the trusted network.
- Servers must undergo scheduled checks and scans of files, while a different anti-virus solution is required for network gateway and mail servers.
- Any employee violating the policy may face disciplinary action, and deviations are only permitted with a valid business case reviewed and approved by the Security Management Team and/or Legal Counsel.
- The policy references the Payment Card Industry Data Security Standard (PCI DSS) as part of its requirements.
Learn about the policy that aims to protect networks, information processing facilities, and mobile devices from viruses, worms, Trojans, spyware, and malware. Understand the roles and responsibilities outlined for various administrators, managers, users, and vendors. Explore the requirements for anti-virus software installation, monitoring, scanning protocols, and consequences for policy violations.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free