You need to enforce a mandate requiring all new Cloud Run jobs and services in production to have Binary Authorization enabled. What should you do?

Exam-Like

Configure an organization policy to require Binary Authorization enforcement on images deployed to Cloud Run.

Configure a Security Health Analytics (SHA) custom rule that prevents the execution of Cloud Run jobs and services without Binary Authorization.

Ensure the Cloud Run admin role is not assigned to developers.

Configure a Binary Authorization custom policy that is not editable by developers and auto-attaches to all Cloud Run jobs and services.

Google Professional Cloud Security Engineer