For systems not commonly affected by malware, which action aligns with best practice regarding anti-virus applicability?

• A. Periodic evaluations to identify evolving malware threats to confirm whether such systems continue to not require anti-virus software.
• B. Always install anti-virus on those systems.
• C. Do nothing and rely on perimeter defenses.
• D. Decommission those systems.

Answer: (C)

Not every system needs anti-virus—the level of protection should match the system’s actual exposure to malware. If a system is not commonly targeted and is well protected by strong perimeter defenses and network segmentation, the risk reduction can be achieved without installing anti-virus. In this scenario, relying on those perimetral controls to block and limit threats is considered best practice, avoiding unnecessary overhead and maintenance from antivirus software on that specific system. If threat patterns or system exposure change, you would reassess, but under the given conditions the preventive emphasis on perimeter defenses aligns with prudent risk management.