Which two cloud offerings meet this requirement without additional compensating controls?

In order to meet PCI DSS requirements, a customer wants to ensure that all outbound traffic is authorized.

Which two cloud offerings meet this requirement without additional compensating controls? (Choose two.)
A . App Engine
B . Cloud Functions
C . Compute Engine
D . Google Kubernetes Engine
E . Cloud Storage

Answer: CD

Explanation:

App Engine ingress firewall rules are available, but egress rules are not currently available. Per requirements 1.2.1 and 1.3.4, you must ensure that all outbound traffic is authorized. SAQ A-EP and SAQ DCtype merchants must provide compensating controls or use a different Google Cloud product. Compute Engine and GKE are the preferred alternatives. https://cloud.google.com/solutions/pci-dss-compliance-in-gcp

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments