[funsec] PCI DSS - a funny one because we are in funsec

[Alexandre Dulaunoy]

Reading "PCI DSS Requirements and Security Assessment Procedures, v1.2"[1],
I found an interesting requirement in the "paper work process" on page 28 :

"Deploy anti-virus software on all systems commonly affected by
malicious software (particularly personal computers and servers).
"

Everyone in the security field know in advance where the next
malicious software will be ;-)

I'm now guessing what will be the standard answer (especially at
heartland payment system) :

"We never had any malicious software on this system, this is not
commonly affected"

[1] https://www.pcisecuritystandards.org/security_standards/download.html?id=pci_dss_v1-2.pdf


-- 
--                   Alexandre Dulaunoy (adulau) -- http://www.foo.be/
--                             http://www.foo.be/cgi-bin/wiki.pl/Diary
--         "Knowledge can create problems, it is not through ignorance
--                                that we can solve them" Isaac Asimov