Choose all the correct options

Question

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform
external and internal penetration testing?

Accepted Answer

At least once a year and after any significant upgrade or modification

Answer

At least twice a year or after any significant upgrade or modification

Answer

At least once every two years and after any significant upgrade or modification

Answer

At least once every three years or after any significant upgrade or modification

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?