Anti-virus and Malicious Code Policy Quiz

Anti-virus and Malicious Code Policy

• The purpose of this policy is to protect networks and information processing facilities from malicious software.
• The policy includes all information processing facilities and mobile computing devices under the control of the company.
• Approved anti-virus software must be installed and kept current on all systems and devices.
• Files received from external networks must be checked for malicious software before use or distribution.
• The IT Security Manager is responsible for ensuring a suitable anti-virus solution is in place and promoting awareness of virus threats.
• Users have responsibilities such as being cautious with unsolicited or suspicious emails and not downloading unauthorized software.
• Third party vendors must provide updates and support for anti-virus software.
• Anti-virus software must proactively and periodically scan for viruses and be actively running.
• Files received from sources outside the trusted network must be checked for viruses before being connected to the network.
• Workstations, laptops, and servers all require anti-virus protection.
• Laptops may need alternative arrangements for obtaining virus definition updates when operated away from the trusted network.
• Different anti-virus solutions should be used for network gateway and email content scanning.