A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP). The customer`s internal compliance requirements dictate that end- user access may only be allowed if the traffic seems to originate from a specific known good CIDR. The customer accepts the risk that their application will only have SYN flood DDoS protection. They want to use GCP`s native SYN flood protection. Which product should be used to meet these requirements? 

Answer options:

A. Cloud Armor
B. VPC Firewall Rules
C. Cloud Identity and Access Management
D. Cloud CDN

A

Reference: https://cloud.google.com/blog/products/identity-security/understanding-google-cloud-armors-new-waf-capabilities