For systems not typically affected by malware, what action is required to determine whether antivirus is still necessary?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the PCI DSS Requirements Test with our interactive quizzes. Use multiple choice questions, flashcards, and detailed explanations. Ace your exam with confidence!

Multiple Choice

For systems not typically affected by malware, what action is required to determine whether antivirus is still necessary?

Explanation:
Regular reassessment is required because the security landscape changes over time. Even systems not typically targeted by malware can become at risk as threats evolve, new exploits appear, or the system’s role changes. By performing periodic evaluations, you gather up-to-date threat intelligence and determine whether the reason for not using antivirus on those systems still holds. If the assessment shows rising risk, you adjust controls accordingly (for example, deploying antivirus or implementing compensating controls). This ongoing, risk-based approach aligns with how anti-malware decisions should be made. Doing nothing ignores evolving threats. Installing antivirus on these systems regardless of assessment isn’t answering the question of whether it’s still necessary. An annual penetration test covers broader vulnerabilities but isn’t the mechanism for continually validating the necessity of antivirus on specific systems.

Regular reassessment is required because the security landscape changes over time. Even systems not typically targeted by malware can become at risk as threats evolve, new exploits appear, or the system’s role changes. By performing periodic evaluations, you gather up-to-date threat intelligence and determine whether the reason for not using antivirus on those systems still holds. If the assessment shows rising risk, you adjust controls accordingly (for example, deploying antivirus or implementing compensating controls). This ongoing, risk-based approach aligns with how anti-malware decisions should be made.

Doing nothing ignores evolving threats. Installing antivirus on these systems regardless of assessment isn’t answering the question of whether it’s still necessary. An annual penetration test covers broader vulnerabilities but isn’t the mechanism for continually validating the necessity of antivirus on specific systems.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy