PCI 5:
Requirement 5: Use and regularly update anti-virus software.
- Many vulnerabilities and malicious viruses enter the network via employees’ email activities. Anti-virus software must be used on all email systems and desktops to protect systems from malicious software.
- For the sample of (insert number and/or description of sample) system components, verify that anti-virus software is installed.
- For the sample of (insert number and/or description of sample) system components, verify that anti-virus software is installed.
- To verify that anti-virus software is current as of (insert as-of date), actively running, and capable of generating logs, perform the following:
- To verify that anti-virus software is current as of (insert as-of date), actively running, and capable of generating logs, perform the following:
- Obtain and review the policy requiring updates to anti-virus software and definitions.
- Verify that the master installation of the software is enabled for automatic updates and periodic scans, and that the servers examined at 5.1 above have these features enabled.
- Verify that log generation is enabled and that the logs are being retained in accordance with the company’s retention policy.
--Mdpeters 10:18, 7 July 2006 (EDT)