🔥 3-day streak
Professional Cloud Architect125 / 169
Question 125 of 169

A retail company is deploying a new payment processing application on Google Cloud that must be compliant with PCI DSS. The cardholder data environment (CDE) must be isolated from the rest of the corporate workloads, and the auditors require that the scope of PCI assessment be minimized to only the systems that store, process, or transmit cardholder data. Which design approach BEST reduces PCI DSS audit scope while maintaining strong isolation?

Reviewed for accuracy · Report an issueNext question