What should be verified about antivirus deployment on a sample of system components?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Boost your readiness for the PCI DSS Requirements Exam with engaging flashcards and comprehensive multiple choice questions. Each comes with hints and explanations to maximize your understanding!

Multiple Choice

What should be verified about antivirus deployment on a sample of system components?

Explanation:
The test is about confirming that anti-virus protection is in place where it should be. In practice, you don’t have to verify every device; you verify a representative sample of system components and check that anti-virus software is deployed on those components that are applicable for protection. This aligns with the idea that anti-virus coverage is required on systems commonly affected by malware, but not every single device in the environment may fall under that category. Why this fits best: it demonstrates evidence of control implementation across the environment without assuming every device must have antivirus, and it reflects the idea of applicability based on the type of device. The other statements aren’t correct because: requiring antivirus on every device goes beyond what needs to be demonstrated by a sample, stating that deployment is optional contradicts PCI DSS, and claiming only mobile devices require antivirus ignores other endpoints that can be affected.

The test is about confirming that anti-virus protection is in place where it should be. In practice, you don’t have to verify every device; you verify a representative sample of system components and check that anti-virus software is deployed on those components that are applicable for protection. This aligns with the idea that anti-virus coverage is required on systems commonly affected by malware, but not every single device in the environment may fall under that category.

Why this fits best: it demonstrates evidence of control implementation across the environment without assuming every device must have antivirus, and it reflects the idea of applicability based on the type of device.

The other statements aren’t correct because: requiring antivirus on every device goes beyond what needs to be demonstrated by a sample, stating that deployment is optional contradicts PCI DSS, and claiming only mobile devices require antivirus ignores other endpoints that can be affected.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy