CompTIA PenTest+ PT0-002 Practice Question
A penetration testing team is preparing to assess the security of a web application for a financial institution that is bound by the Payment Card Industry Data Security Standard (PCI DSS). Which standard or methodology should they prioritize to align their testing framework with the industry's best practices and ensure compliance?
National Institute of Standards and Technology (NIST)
Information Systems Security Assessment Framework (ISSAF)
MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)
Open Web Application Security Project (OWASP)