Question
Your organization is required to conduct quarterly ASV (Approved Scanning Vendor) scans as part of PCI DSS compliance. However, due to unforeseen circumstances, the scheduled ASV scan for this quarter was missed. In this situation, which of the following would be an acceptable compensating control to address the missed ASV scan?
Compensating with an increased frequency of the next ASV scan (e.g., conducting the next scan after one month instead of three) to ensure quarterly coverage.
Conducting an external penetration test by a certified ethical hacker to ensure the security of the network, which provides an alternative assessment of vulnerabilities.
Implementing a manual vulnerability assessment by an internal security team to assess vulnerabilities and report findings to meet compliance requirements.
Continuing with business as usual and conducting the ASV scan as soon as possible to make up for the missed quarter.