Your organization has a single Virtual Private Cloud (VPC) network in Google Cloud, connected to your on-premises network via Cloud Interconnect. You need to restrict access solely to Google APIs and services supported by VPC Service Controls while maintaining hybrid connectivity with a guaranteed service level agreement (SLA). What is the correct configuration approach?

Exam-Like

Configure the existing Cloud Routers to advertise the Google API's public virtual IP addresses.

0.0%

Use Private Google Access for on-premises hosts with restricted.googleapis.com virtual IP addresses.

100.0%

Configure the existing Cloud Routers to advertise a default route, and use Cloud NAT to translate traffic from your on-premises network.

0.0%

Add Direct Peering links, and use them for connectivity to Google APIs that use public virtual IP addresses.

0.0%

Google Professional Cloud Network Engineer