An organization's standard network and security review involves analyzing application transit paths, request processing, and firewall rules. They want to allow their developer teams to deploy new applications without the burden of this comprehensive review.

What is your recommendation for this organization?

Exam-Like

Use Forseti with Firewall filters to catch any unwanted configurations in production.

Mandate use of infrastructure as code and provide static analysis in the CI/CD pipelines to enforce policies.

Route all VPC traffic through customer-managed routers to detect malicious patterns in production.

All production applications will run on-premises. Allow developers free rein in GCP as their dev and QA platforms.

Google Professional Cloud Security Engineer