Answer-first summary for fast verification
Answer: Compute Engine, Google Kubernetes Engine
The correct answers are C and D (Compute Engine and Google Kubernetes Engine). PCI DSS Requirement 1.3.4 specifically requires controlling outbound traffic from the cardholder data environment. While there is some community debate about App Engine's capabilities, the official Google Cloud PCI DSS documentation and architecture guidance consistently identify Compute Engine and GKE as the preferred options for meeting outbound traffic control requirements without additional compensating controls. Compute Engine provides granular firewall rules for both ingress and egress traffic, and GKE leverages these same networking capabilities while adding container-specific security controls. Although some newer comments suggest App Engine now supports egress controls through Serverless VPC Access, the official guidance and historical consensus favor Compute Engine and GKE as the most reliable options for PCI DSS compliance regarding outbound traffic authorization.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.