Which item should be examined to verify antivirus log generation is enabled?


Multiple Choice

Which item should be examined to verify antivirus log generation is enabled?

Explanation:
To confirm antivirus log generation is enabled, you need evidence from both how the system is managed centrally and how it behaves on actual devices. The central management (master antivirus installation) sets the logging policy and ensures logs are produced and sent according to policy. But centralized settings alone don’t prove that every endpoint is actually generating logs. By also examining a sample of system components, you verify that the configured logging is indeed active on a representative set of endpoints and that logs are being produced as expected. This combined view gives confidence that logging is enabled across the environment.

Relying only on the central installation could miss endpoints where logging is disabled or misconfigured, and examining only a subset of components might not reveal gaps elsewhere. End-user reports aren’t suitable as evidence because they don’t provide verifiable, technical proof of log generation.