Security in Google Cloud

Overview

Description

This training course gives you a broad study of security controls and techniques in Google Cloud. Through lectures, demonstrations, and labs, you explore and deploy the components of a secure Google Cloud solution. You use services including Cloud Identity, Identity and Access Management (IAM), Cloud Load Balancing, Cloud IDS, Web Security Scanner, BeyondCorp Enterprise, and Cloud DNS.

Course Outline

• Foundations of Google Cloud Security;

• Securing Access to Google Cloud;

• Identity and Access Management;

• Configuring Virtual Private Cloud for Isolation and Security;

• Securing Compute Engine;

• Securing Cloud Data;

• Securing Applications;

• Securing Google Kubernetes Engine;

• Protecting against Distributed Denial of Service Attacks;

• Content-Related Vulnerabilities;

• Monitoring, Logging, Auditing, and Scanning.

Learning Objectives

• Identify the foundations of Google Cloud security;

• Manage administration identities with Google Cloud;

• Implement user administration with Identity and Access Management;

• Configure Virtual Private Clouds for isolation, security, and logging;

• Apply techniques and best practices for securely managing Compute Engine;

• Apply techniques and best practices for securely managing Google Cloud data;

• Apply techniques and best practices for securing Google Cloud applications;

• Apply techniques and best practices for securing Google Kubernetes Engine resources;

• Manage protection against distributed denial of service attacks;

• Manage content-related vulnerabilities;

• Implement Google Cloud monitoring, logging, auditing, and scanning solutions.

Target Audience

• Cloud information security analysts, architects, and engineers;

• Information security/cybersecurity specialists;

• Cloud infrastructure architects.

Prerequisite(s)

• Prior completion of Google Cloud Fundamentals: Core Infrastructure or equivalent experience.

• Prior completion of Networking in Google Cloud or equivalent experience.

• Knowledge of foundational concepts in information security, through experience or through online training such as SANS’s SEC301: Introduction to Cyber Security.

• Basic proficiency with command-line tools and Linux operating system environments.

• Systems Operations experience, including deploying and managing applications, either on premises or in a public cloud environment.

• Reading comprehension of code in Python or Javascript.

• Basic understanding of Kubernetes terminology (preferred but not required).

Legacy course code: GOO-SEC-SSC