The answer is always yes, with a caveat. Tests that are intended to cause a disruption of the service, such as DoS attacks, are not allowed. We are there to help you if you do come under a DoS attack, but not if you cause it intentionally.
Should you whitelist the PCI compliance or penetration test IPs?
Source: Scuri check