[PCI-DSS] 5.2 Ensure that all anti-virus mechanisms are current, actively running, and capable of generating audit logs.
5.2 Verify that all anti-virus software is current, actively running, and capable of generating logs by performing the following:
[li]5.2.a Obtain and examine the policy and verify that it requires updating of anti-virus software and definitions.[/li][li]5.2.b Verify that the master installation of the software is enabled for automatic updates and periodic scans.[/li][li]5.2.c For a sample of system components including all operating system types commonly affected by malicious software, verify that automatic updates and periodic scans are enabled.[/li][li]5.2d For a sample of system components, verify that antivirus software log generation is enabled and that such logs are retained in accordance with PCI DSS Requirement 10.7[/li][/ul]