What should you do?
You are a member of the security team at an organization. Your team has a single GCP project with credit card payment processing systems alongside web applications and data processing systems. You want to reduce the scope of systems subject to PCI audit standards.
What should you do?
A . Use multi-factor authentication for admin access to the web application.
B . Use only applications certified compliant with PA-DSS.
C . Move the cardholder data environment into a separate GCP project.
D . Use VPN for all connections between your office and cloud environments.
Answer: C
Explanation:
https://cloud.google.com/solutions/best-practices-vpc-design
"Setting up your payment-processing environment" section in
https://cloud.google.com/solutions/pci-dss-compliance-in-gcp.
Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund