Your organization must follow the Payment Card Industry Data Security Standard (PCI DSS). To prepare for an audit, you must detect deviations on an infrastructure-as-a-service level in your Google Cloud landing zone. What should you do?
A. Create a data profile covering all payment relevant data types. Configure Data Discovery and a risk analysis job in Google Cloud Sensitive Data Protection to analyze findings.
B. Use the Google Cloud Compliance Reports Manager to download the latest version of the PCI DSS report. Analyze the report to detect deviations.
C. Create an Assured Workloads folder in your Google Cloud organization. Migrate existing projects into the folder and monitor for deviations in the PCI DSS.
D. Activate Security Command Center Premium. Use the Compliance Monitoring product to filter findings that may not be PCI DSS compliant.
D.
A: No. This option only covers the data protection. PCI-DSS has other requirements, e.g. IAM, EKM, etc.
B: No. This only downloads the checklist of PCI-DSS items. It does not reflect the snapshot of the current infra.
C: No. Only addresses controls, no data privacy.
https://cloud.google.com/security-command-center/docs/compliance-management
For each supported security standard, Security Command Center checks a subset of the controls. For the controls checked, Security Command Center shows you how many are passing. For the controls that are not passing, Security Command Center shows you a list of findings that describe the control failures.