Where should anti-virus software be deployed according to the practice guidelines?

• A. Deploy antivirus on all systems commonly affected by malicious software.
• B. Deploy antivirus on servers only.
• C. Deploy antivirus on laptops only.
• D. Antivirus is optional.

Answer: (A)

Antivirus should be deployed on all systems commonly affected by malware. This broad coverage matters because malware can enter and move across many kinds of devices in the environment, not just one type of system. By protecting desktops, laptops, servers, and other endpoints that handle or connect to cardholder data, you reduce the risk of an infection taking hold and spreading. Limiting protection to servers or to laptops only creates gaps that attackers can exploit, and calling antivirus optional leaves critical security controls unenforced. In practice, this approach aligns with the goal of providing comprehensive malware defense across all in-scope systems.