Your company offers a popular gaming service. Your instances are deployed with private IP addresses, and external access is granted through a global load balancer. You believe you have identified a potential malicious actor, but aren't certain you have the correct client IP address. You want to identify this actor while minimizing disruption to your legitimate users. What should you do?
A. Create a Cloud Armor Policy rule that denies traffic and review necessary logs
B. Create a Cloud Armor Policy rule that denies traffic, enable preview mode, and review necessary logs
C. Create a VPC Firewall rule that denies traffic, enable logging and set enforcement to disabled, and review necessary logs
D. Create a VPC Firewall rule that denies traffic, enable logging and set enforcement to enabled, and review necessary logs