External penetration testing must be performed at least annually and after any significant upgrades or modifications.

Study for the PCI Data Security Standard Exam. Master your knowledge with interactive flashcards and multiple-choice questions, each with hints and explanations. Prepare confidently for your certification test!

Multiple Choice

External penetration testing must be performed at least annually and after any significant upgrades or modifications.

Explanation:
Regular external testing verifies that attack paths exposed to the public internet haven't changed or opened up because of updates or network changes. It's performed at least once a year to establish a baseline risk level, and again after any significant upgrades or modifications to the environment to catch new weaknesses those changes might introduce. That's why the best choice is the one that requires both annual testing and testing after changes. "Monthly" is excessive for a formal penetration test, "never" is incorrect because you always need at least a yearly check, and testing only after upgrades misses the mandatory annual assessment.
