Your company is migrating its on-premises data center into the cloud. As part of the migration, you want to integrate Google Kubernetes Engine (GKE) for workload orchestration. Parts of your architecture must also be PCI DSS-compliant. Which of the following is most accurate?
Choose an answer
Tap an option to check your answer.
Correct answer: GKE and GCP provide the tools you need to build a PCI DSS-compliant environment..
Why this is the answer
GKE and GCP provide the tools and certifications necessary to build and operate PCI DSS-compliant environments. While Google Cloud Platform itself achieves PCI DSS compliance for its infrastructure, the customer is responsible for ensuring their application and configuration within GKE also meet PCI DSS requirements. This involves proper network segmentation, access controls, vulnerability management, and logging. App Engine is not the only PCI DSS-certified compute platform; other services like Compute Engine and GKE can also be used. GKE is not considered shared hosting in a way that inherently prevents PCI DSS compliance; rather, it offers capabilities for isolation and control that, when properly configured, support compliance. Not all Google Cloud services are usable out-of-the-box for PCI DSS without customer-side controls; compliance is a shared responsibility.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed