What is the focus of Requirement 5 in PCI DSS?

Requirement 5 in PCI DSS specifically focuses on protecting systems against malware and ensuring that antivirus mechanisms are in place and regularly updated. This requirement emphasizes the need for organizations to implement and maintain anti-virus software or programs on all systems commonly affected by malicious software, ensuring these systems are adequately protected to mitigate risks associated with malware.

Regular updates and monitoring of these anti-virus programs are crucial, as they help defend against the latest threats by adapting to the evolving landscape of malware. By ensuring that all systems are equipped with robust anti-virus solutions and that these solutions are kept current, organizations can significantly reduce their vulnerability to malware infections that could jeopardize cardholder data.

The other options, while they represent important aspects of broader security measures, do not align with the specific objectives of Requirement 5. For instance, the development of secure applications and establishing strong passwords pertain more to application security and authentication practices. Access control measures for admins focus on who can access certain resources but do not directly address malware protection. Hence, the emphasis of Requirement 5 distinctly pertains to defending against malware.