$36.$

When examining anti$-$virus software installed

on a system component, which of the following

steps must be performed by the assessor to

validate that the anti$-$virus software is operating in

a PCI DSS $-$compliant manner?

O Examine audit logo to verify anti$-$virus log files are securely

deleted at least every $3$ months

$$ Examine system configurations to verify anti$-$virus software is

actively running

O Observe processes to verify users can configure anti$-$virus

settings as needed for their job function

O Observe change$-$control procedures to verify anti$-$virus

definitions are reinstalled at least every $6$ months