How often must internal and external vulnerability scans be performed?

Prepare for the PCI DSS Test with detailed questions and explanations. Use flashcards and quizzes to enhance knowledge. Ensure you're ready for your certification exam!

Multiple Choice

How often must internal and external vulnerability scans be performed?

Explanation:
Regular vulnerability scanning is set to a quarterly cadence to ensure ongoing identification and remediation of weaknesses in the cardholder data environment. Both internal and external scans must occur at least every three months: the external scans are performed by an Approved Scanning Vendor (ASV) against Internet-facing systems, while internal scans are run with your own tools to check internal configurations and patch levels. If there are significant changes to the network, or new systems are added, you should re-scan promptly in addition to the quarterly schedule. An annual interval would miss too many new vulnerabilities, while monthly or weekly scans go beyond the required minimum. Therefore, quarterly is the correct minimum frequency.