💼 5.3 Ensure that anti-virus mechanisms are actively running and cannot be disabled or altered by users, unless specifically authorized by management on a case-by-case basis for a limited time period.

ID: /frameworks/pci-dss-v3.2.1/05/03

Description

Anti-virus solutions may be temporarily disabled only if there is legitimate technical need, as authorized by management on a case-by-case basis. If anti-virus protection needs to be disabled for a specific purpose, it must be formally authorized. Additional security measures may also need to be implemented for the period of time during which anti-virus protection is not active.

Similar

Sections
- /frameworks/pci-dss-v4.0/05/03/05
Internal
- ID: dec-c-9c143f6c

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 5.3.5 Anti-malware mechanisms cannot be disabled or altered by users, unless specifically documented, and authorized by management on a case-by-case basis for a limited time period.					no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 5.3.5 Anti-malware mechanisms cannot be disabled or altered by users, unless specifically documented, and authorized by management on a case-by-case basis for a limited time period.					no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Take Policies From)

Similar Sections (Give Policies To)

Sub Sections