Google Cloud Professional Cloud Architect — Question 47

Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to analyze transactional data and trends relating to which payment methods are used.
How should you design your architecture?

Answer options

• A. Create a tokenizer service and store only tokenized data
• B. Create separate projects that only process credit card data
• C. Create separate subnetworks and isolate the components that process credit card data
• D. Streamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data
• E. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor

Correct answer: A

Explanation

The correct answer is A because creating a tokenizer service allows you to convert sensitive credit card data into non-sensitive tokens, thus minimizing the PCI compliance scope while still enabling analysis of payment trends. Options B and C increase complexity and do not effectively reduce the scope of compliance, while D does not address the actual data handling and E focuses on logging rather than the core data processing strategy.