Payment Card Industry (PCI) Data Security Standards Practice Test


Prepare for the Payment Card Industry (PCI) Data Security Standards Test. Study with multiple choice questions, hints, and explanations. Get ready to excel in your exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



When examining anti-virus software installed on a system component, which of the following steps must be performed by the assessors to validate that the anti-virus software is operating in a PCI DSS compliant manner?

  1. Examine audit logs to verify anti-virus log files are securely deleted at least every three months

  2. Examine system configurations to verify antivirus software is actively running

  3. Observe processes to verify users can configure anti-virus settings as needed for their job function

  4. Observe change-control procedures to verify anti-virus definitions are reinstalled at least every 6 months

The correct answer is: Examine system configurations to verify antivirus software is actively running

Validating that anti-virus software operates in a PCI DSS compliant manner means confirming that the software is actively providing protection against malware and other threats. By examining system configurations to verify that the anti-virus software is actively running, assessors can confirm that the necessary protections are in place. This is a direct indicator of the software's functionality and of its role in safeguarding cardholder data, which is a fundamental requirement of the PCI DSS.

Anti-virus software must be consistently active to monitor and mitigate the risks associated with malware. If the software is not running, it cannot provide the protection required by the standards. Checking the system configurations is therefore a critical step in establishing compliance, since it demonstrates that the organization is taking the necessary precautions against threats. This approach focuses specifically on the operational status of the anti-virus software, confirming that it is performing as intended, which is essential for maintaining a secure environment for payment card data. The other options do not focus on confirming the active status of the software, which is the core issue of compliance in this context.