Security in Google Cloud Platform
Google Cloud Professional Security Engineer Certification Exam
За Курса
- This course gives participants broad study of security controls and techniques on Google Cloud Platform. Through lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution. Participants also learn mitigation techniques for attacks at many points in a GCP-based infrastructure, including Distributed Denial-of- Service attacks, phishing attacks, and threats involving content classification and use.
Цели – Какво ще научите (Course Goals):
- This course gives participants broad study of security controls and techniques on Google Cloud Platform. Through lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution. Participants also learn mitigation techniques for attacks at many points in a GCP-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use.
Курсът е предназначен за (Audience):
- This class is intended for the following job roles: * [Cloud] information security analysts, architects, and engineers * Information security/cybersecurity specialists * Cloud infrastructure architects Additionally, the course is intended for Google and partner field personnel who work with customers in those job roles. The course should also be useful to developers of cloud applications.
Формат на курса
Език на курса: български (английски е наличен като опция)
Учебни Метериали: в електронен формат (Учебните материали са на английски), включени в цената с неограничен достъп.
Лабораторна среда: всеки курсист разполага със собствена лаб среда, където се провеждат упражненията, част от курса.
Продължителност
- 2 работни дни (понеделник – петък 09:00 – 17:00)
или
- 16 уч.ч. обучение (теория и практика) в извънработно време с продължителност 1 седмици
- събота и неделя 10:00 – 14:00, 14:00 – 18:00, 18:00 – 22:00
- понеделник и сряда 19:00 – 23:00
- вторник и четвъртък 19:00 – 23:00
Плащане
Заявка за издаване на фактура се приема към момента на записването на съответния курс.
Фактура се издава в рамките на 7 дни от потвърждаване на плащането.
Предстоящи Курсове
За повече информация използвайте формата за контакт.
Ще се свържем с Вас за потвърждаване на датите.
Предпоставки (Изисквания) за Участие (Prerequisites):
-
- To get the most out of this course, participants should have: Completed Google Cloud Platform Fundamentals: Core Infrastructure or have equivalent experience Basic proficiency with command-line tools and Linux operating system environments
Курсът подготвя за следните сертификационни нива
-
-
- Google Cloud Certified Security Engineer
-
Course Curriculum
-
Module 1: Foundations of GCP Security
-
Module 2: Cloud Identity
-
Module 3: Identity and Access Management
-
Module 4: Configuring Google Virtual Private Cloud for Isolation and Security
- Configuring VPC firewalls (both ingress and egress rules)
- Load balancing and SSL policies
- Private Google API access
- SSL proxy use
- Best practices for structuring VPC networks
- Best security practices for VPNs
- Security considerations for interconnect and peering options
- Available security products from partners
-
Module 5: Monitoring, Logging, Auditing, and Scanning
-
Module 6: Securing Compute Engine: techniques and best practices
- Compute Engine service accounts, default and customer-defined
- IAM roles for VMs
- API scopes for VMs
- Managing SSH keys for Linux VMs
- Managing RDP logins for Windows VMs
- Organization policy controls: trusted images, public IP address, disabling serial port
- Encrypting VM images with customer-managed encryption keys and with customer-supplied encryption keys
- Finding and remediating public access to VMs
- VM best practices
- Encrypting VM disks with customer-supplied encryption keys
-
Module 7: Securing cloud data: techniques and best practices
- Cloud Storage and IAM permissions
- Cloud Storage and ACLs
- Auditing cloud data, including finding and remediating publicly accessible data
- Signed Cloud Storage URLs
- Signed policy documents
- Encrypting Cloud Storage objects with customer-managed encryption keys and with customer-supplied encryption keys
- Best practices, including deleting archived versions of objects after key rotation
- BigQuery authorized views
- BigQuery IAM roles
- Best practices, including preferring IAM permissions over ACLs
-
Module 8: Protecting against Distributed Denial of Service Attacks: techniques and best practices
-
Module 9: Application Security: techniques and best practices
Instructors
Related Courses
Login with Google