You are implementing a Google Cloud Armor security policy to protect your web application's backend from common attacks like cross-site scripting (XSS) and SQL injection (SQLi). What are two prerequisites for using Google Cloud Armor security policies? (Choose two.)

Exam-Like

The load balancer must be an external SSL proxy load balancer.

Google Cloud Armor Policy rules can only match on Layer 7 (L7) attributes.

The load balancer must use the Premium Network Service Tier.

The backend service's load balancing scheme must be EXTERNAL.

The load balancer must be an external HTTP(S) load balancer.

Google Professional Cloud Security Engineer