Your company operates workloads on Google Cloud's Compute Engine as well as on on-premises infrastructure. The setup includes a Google Cloud Virtual Private Cloud (VPC) that is integrated with your Wide Area Network (WAN) via a Virtual Private Network (VPN). You need to deploy a new Compute Engine instance and make certain that it is fully isolated from public Internet traffic. What steps should you take to accomplish this?