Security Best Practices in Google Cloud
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud.
What you'll learn
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution, including Cloud Storage access control technologies, Security Keys, Customer-Supplied Encryption Keys, API access controls, scoping, shielded VMs, encryption, and signed URLs. It also covers securing Kubernetes environments.
Table of contents
- Module overview 1m
- Service accounts, IAM roles, and API scopes 4m
- Lab Intro: Configuring, Using, and Auditing VM Service Accounts and Scopes 0m
- Pluralsight: Getting Started with GCP and Qwiklabs 4m
- Lab: Configuring, Using, and Auditing VM Service Accounts and Scopes 0m
- Connecting to virtual machines 4m
- Connecting to VMs without external IPs 2m
- OS Login 3m
- Organization policy controls 2m
- Shielded VMs 3m
- Confidential VMs 2m
- Certificate Authority Service 2m
- What Certificate Authority Service provides 2m
- Compute Engine best practices 3m
- Module review 3m
- Module overview 2m
- Cloud Storage IAM permissions and ACLs 2m
- Auditing cloud data 2m
- Signed URLs and policy documents 4m
- Encrypting with CMEK and CSEK 8m
- Lab Intro: Using Customer-Supplied Encryption Keys with Cloud Storage 0m
- Lab: Using Customer-Supplied Encryption Keys with Cloud Storage 0m
- Lab Intro: Using Customer-Managed Encryption Keys with Cloud Storage and Cloud KMS 1m
- Lab: Using Customer-Managed Encryption Keys with Cloud Storage and Cloud KMS 0m
- Cloud HSM 3m
- Demo: Using and Verifying Keys in Cloud HSM 5m
- BigQuery IAM roles and authorized views 2m
- Lab Intro: Creating a BigQuery Authorized View 0m
- Lab: Creating a BigQuery Authorized View 0m
- Storage best practices 3m
- Module review 2m
- Module overview 1m
- Types of application security vulnerabilities 4m
- Web Security Scanner 5m
- Lab Intro: Using Web Security Scanner to Find Vulnerabilities in an App Engine Application 0m
- Lab: Using Web Security Scanner to Find Vulnerabilities in an App Engine Application 0m
- Threat: Identity and Oauth phishing 3m
- Identity-Aware Proxy (IAP) 5m
- Lab Intro: Securing Compute Engine Applications with BeyondCorp Enterprise 0m
- Lab: Securing Compute Engine Applications with BeyondCorp Enterprise 0m
- Secret Manager 6m
- Lab Intro: Configuring and Using Credentials with Secret Manager 0m
- Lab: Configuring and Using Credentials with Secret Manager 0m
- Module review 3m