Google Cloud Professional Cloud Security Engineer — Question 9

In order to meet PCI DSS requirements, a customer wants to ensure that all outbound traffic is authorized.
Which two cloud offerings meet this requirement without additional compensating controls? (Choose two.)

Answer options

• A. App Engine
• B. Cloud Functions
• C. Compute Engine
• D. Google Kubernetes Engine
• E. Cloud Storage

Correct answer: A, B

Explanation

App Engine and Cloud Functions are designed to automatically manage outbound traffic permissions, ensuring compliance with PCI DSS without needing additional controls. In contrast, Compute Engine, Google Kubernetes Engine, and Cloud Storage may require additional configurations to adequately control outbound traffic.