
Paths
Security in Google Cloud
About this learning path: Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution, including Cloud... Read more
What you will learn
- Understand the Google approach to security Manage their administrative identities using Cloud Identity.
- Implement least privilege administrative access using Google Cloud Resource Manager, Cloud IAM.
- Implement IP traffic controls using VPC firewalls and Cloud Armor Implement Identity Aware Proxy Analyzing changes to the configuration or metadata of resources with GCP audit logs.
Pre-requisites
To get the most out of this course, participants should have: * Prior completion of Google Cloud Platform Fundamentals: Core Infrastructure or equivalent experience (very strongly suggested) * Prior completion of GCP and Hybrid Networking Deep Dive or equivalent experience (strongly suggested) * Knowledge of foundational concepts in information security, such as * vulnerability, threat, attack surface * confidentiality, integrity, availability * common threat types and their mitigation strategies * public-key cryptography * public and private key pairs * certificates * cipher types * certificate authorities * Transport Layer Security/Secure Sockets Layer encrypted communication * public key infrastructures * security policy * Basic proficiency with command-line tools and Linux operating system environments * Systems Operations experience, deploying and managing applications, on-premises or in a public cloud environment * Reading comprehension of code in Python or Javascript
Beginner
This section introduces you to important concepts and terminology for working with Google Cloud Platform (GCP). You learn about, and compare, many of the computing and storage services available in Google Cloud Platform, including Google App Engine, Google Compute Engine, Google Kubernetes Engine, Google Cloud Storage, Google Cloud SQL, and BigQuery. You learn about important resource and policy management tools, such as the Google Cloud Resource Manager hierarchy and Google Cloud Identity and Access Management. Hands-on labs give you foundational skills for working with GCP.
Google Cloud Platform Fundamentals - Core Infrastructure
3h 17m
Description
This course provides an overview of Google Cloud Platform products and services. Through a combination of presentations, demos, and hands-on labs, participants learn the value of Google Cloud Platform and how to incorporate cloud-based solutions into business strategies.
Table of contents
- Introducing Google Cloud Platform
- Getting Started with Google Cloud Platform
- Virtual Machines in the Cloud
- Storage in the Cloud
- Containers in the Cloud
- Applications in the Cloud
- Developing, Deploying and Monitoring in the Cloud
- Big Data and Machine Learning in the Cloud
- Summary and Review
Intermediate
This section gives participants broad study of security controls and techniques on Google Cloud Platform. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution, including Cloud Identity, the GCP Resource Manager, Cloud IAM, Google Virtual Private Cloud firewalls, Google Cloud Load balancing, Cloud CDN, Cloud Storage access control technologies, Stackdriver, Security Keys, Customer-Supplied Encryption Keys, the Google Data Loss Prevention API, and Cloud Armor. Participants learn mitigations for attacks at many points in a GCP-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use. To get the most out of this course, participants should have: * Prior completion of Google Cloud Platform Fundamentals: Core Infrastructure or equivalent experience * Prior completion of GCP and Hybrid Networking Deep Dive or equivalent experience * Knowledge of foundational concepts in information security, such as * vulnerability, threat, attack surface * confidentiality, integrity, availability * common threat types and their mitigation strategies * public-key cryptography * public and private key pairs * certificates * cipher types * certificate authorities * Transport Layer Security/Secure Sockets Layer encrypted communication * public key infrastructures * security policy * Basic proficiency with command-line tools and Linux operating system environments * Systems Operations experience, deploying and managing applications, on-premises or in a public cloud environment .
Managing Security in Google Cloud
2h 6m
Description
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution, including Cloud Identity, Resource Manager, Cloud IAM, Google Virtual Private Cloud firewalls, Google Cloud Load balancing, Cloud Peering, Cloud Interconnect, and VPC Service Controls.
Table of contents
- Welcome to Managing Security in Google Cloud
- Foundations of Google Cloud Security
- Cloud Identity
- Cloud Identity and Access Management (Cloud IAM)
- VPCs for Isolation and Security
- Course Resources
Security Best Practices in Google Cloud
1h 48m
Description
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution, including Cloud Storage access control technologies, Security Keys, Customer-Supplied Encryption Keys, API access controls, scoping, shielded VMs, encryption, and signed URLs. It also covers securing Kubernetes environments.
Table of contents
- Welcome to Security Best Practices in Google Cloud
- Securing Compute Engine: Techniques and Best Practices
- Securing Cloud Data: Techniques and Best Practices
- Application Security: Techniques and Best Practices
- Securing Kubernetes: Techniques and Best Practices
- Course Resources
Advanced
This section teaches participants broad study of security controls and techniques on Google Cloud Platform. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution, including Cloud Identity, the GCP Resource Manager, Cloud IAM, Google Virtual Private Cloud firewalls, Google Cloud Load balancing, Cloud CDN, Cloud Storage access control technologies, Stackdriver, Security Keys, Customer-Supplied Encryption Keys, the Google Data Loss Prevention API, and Cloud Armor. Participants learn mitigations for attacks at many points in a GCP-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use. To get the most out of this course, participants should have: * Prior completion of Google Cloud Platform Fundamentals: Core Infrastructure or equivalent experience * Prior completion of GCP and Hybrid Networking Deep Dive or equivalent experience * Knowledge of foundational concepts in information security, such as * vulnerability, threat, attack surface * confidentiality, integrity, availability * common threat types and their mitigation strategies * public-key cryptography * public and private key pairs * certificates * cipher types * certificate authorities * Transport Layer Security/Secure Sockets Layer encrypted communication * public key infrastructures * security policy * Basic proficiency with command-line tools and Linux operating system environments * Systems Operations experience, deploying and managing applications, on-premises or in a public cloud environment *
Mitigating Security Vulnerabilities on Google Cloud
1h 1m
Description
In this self-paced training course, participants learn mitigations for attacks at many points in a Google Cloud-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use. They also learn about the Security Command Center, cloud logging and audit logging, and using Forseti to view overall compliance with your organization's security policies.
Table of contents
- Welcome to Mitigating Security Vulnerabilities on Google Cloud
- Protecting against Distributed Denial of Service Attacks (DDoS)
- Content-Related Vulnerabilities: Techniques and Best Practices
- Monitoring, Logging, Auditing and Scanning
- Course Resources