Professional Documents
Culture Documents
The 12 Requirements: Req. 5: Prevent Malware
The 12 Requirements: Req. 5: Prevent Malware
THE 12 REQUIREMENTS
REQ. 5: PREVENT MALWARE
Sub-requirements include:
- 5.1 AV Software on Commonly Affected Systems
- 5.2 Frequent Updating, Scanning, Logging
- 5.3 AV Not Disabled by Individual Users
- 5.4 Document/Enforce Policies and Procedures
THE 12 REQUIREMENTS
THE 12 REQUIREMENTS
REQ. 5: PREVENT MALWARE
THE 12 REQUIREMENTS
REQ. 5: PREVENT MALWARE
THE 12 REQUIREMENTS
REQ. 5: PREVENT MALWARE
EXAMPLES
THE 12 REQUIREMENTS
REQ. 5: PREVENT MALWARE
KEY TAKEAWAYS
/03 5.2 FREQUENT U/S/L /04 5.3 USERS CAN’T TURN OFF
This point is about frequently updating, scanning, and 5.3 is all about users not being able to individually turn
logging. The AV must be up-to-date, it must run scans off the AV in their machines if they feel like it. There
regularly, and the logs must be kept. are specific exceptions, requiring good justifications.