Which significant change to PCI DSS standards was made in PCI DSS version 3.1?
A. No version of TLS is now considered to provide strong cryptography.
B. Storage of sensitive authentication data after authorization is now permitted when proper encryption is applied.
C. Passwords are now required to be changed at least once every 30 days.
D. SSL is now considered a weak cryptographic technology.
E. If systems that are vulnerable to POODLE are deployed in an organization, a patching and audit review process must be implemented.
