A customer is using Cloud Identity-Aware Proxy (IAP) to secure their ERP system hosted on Google Cloud Compute Engine. Their security team wants to add a layer of security to ensure the ERP system only accepts traffic that has passed through IAP. What should they do to meet this requirement?

Exam-Like

Make sure that the ERP system can validate the JWT assertion in the HTTP requests.

Make sure that the ERP system can validate the identity headers in the HTTP requests.

Make sure that the ERP system can validate the x-forwarded-for headers in the HTTP requests.

Make sure that the ERP system can validate the user's unique identifier headers in the HTTP requests.

Google Professional Cloud Security Engineer