Question: 1/50
A startup is building an internal web app that must be reachable only from the corporate network. The team wants to avoid managing VPN appliances and prefers an identity-based approach for access control. What should they implement?
Expose the app on a public HTTPS load balancer and restrict access by source IP ranges
Publish the app through Identity-Aware Proxy (IAP) and require Google identity login
Place the app behind a Cloud NAT gateway so it is not reachable from the internet
Use VPC Peering from the corporate network to the project VPC and allow all internal traffic