Your company has Compute Engine instances with public internet exposure, each having a single network interface with one public IP address. You need to prevent connection attempts from internet clients whose IP addresses belong to the BGP_ASN_TOBLOCK BGP ASN. What is the recommended solution?

Exam-Like

Create a new Cloud Armor backend security policy, and use the --network-src-asns parameter.

0.0%

Create a new Cloud Armor network edge security policy, and use the --network-src-asns parameter.

50.0%

Create a new Cloud Armor edge security policy, and use the --network-src-asns parameter.

0.0%

Create a new firewall policy ingress rule, and use the --network-src-asns parameter.

50.0%

Google Professional Cloud Network Engineer