An organization's compliance policy requires every Windows workstation to have active real-time antivirus protection, the most recent operating-system patches, and BitLocker full-disk encryption enabled. Which of the following conditions would cause the policy to flag a workstation as non-compliant?
Real-time antivirus protection is disabled.
The Windows Defender firewall is enabled and using the default profile.
BitLocker full-disk encryption reports a healthy status.
The latest cumulative OS patch was installed last night.
The policy explicitly checks for real-time antivirus protection. If that protection is disabled or missing, the device fails the antivirus check and is marked non-compliant, even if other controls (firewall, patching, encryption) are in place.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the risks of having a non-compliant system?
Open an interactive chat with Bash
What are the basic elements that contribute to system compliance?