Security in Google Cloud: Course overview

In this Security in Google Cloud course, with engaging lectures, practical demonstrations, and immersive labs, you’ll gain a deep understanding of essential security controls and techniques:

  • Dive into core security components like Cloud Identity, Resource Manager, and Identity and Access Management (IAM).
  • Master VPC firewalls, Cloud Load Balancing, and network peering options like Direct Peering, Carrier Peering, and Cloud Interconnect.
  • Implement VPC Service Controls to isolate workloads and secure sensitive data.
  • Understand IAM roles and policies to prevent unauthorized access and enforce least privilege.
  • Learn about best practices for data encryption, incident response, and ongoing security monitoring.

After completing this course on Security in Google Cloud, Students will be able to:

  • In this course, you'll unlock the power of Google Cloud Platform security:
  • Grasp Google's core security principles and how they translate into robust cloud architecture.
  • Understand the shared responsibility model and your role in securing your Google Cloud environment.
  • Take control of administrative identities with Cloud Identity, ensuring only authorized users have access.
  • Implement the principle of least privilege using Resource Manager and IAM, minimizing attack surfaces.
  • Secure your applications with Identity-Aware Proxy, restricting access based on identity and context.
  • Leverage VPC firewalls and Google Cloud Armor to establish robust IP traffic controls and deflect malicious attacks.
  • Remediate critical vulnerabilities, particularly public access to data and VMs, ensuring sensitive information remains secure.
  • Protect sensitive data with the Cloud Data Loss Prevention API, identifying and redacting any potential information leaks.
  • Analyze resource metadata configuration changes through audit logs, staying ahead of suspicious activity.
  • Conduct rigorous security assessments using Forseti, uncovering and remediating vulnerabilities, especially those related to public access.

Upcoming Batches

Loading Dates...

Security in Google Cloud: Key Features:

  • Our Google Cloud Platform training modules have 50% – 60% hands-on lab sessions to encourage Thinking-Based Learning (TBL).

    • Interactive-rich virtual and face-to-face classroom teaching to inculcate Problem-Based Learning (PBL).
    • GCP-certified instructor-led training and mentoring sessions to develop Competency-Based Learning (CBL).
    • Well-structured use cases to simulate challenges encountered in a Real-World environment during Google Cloud Platform training.
    • Integrated teaching assistance and support through an experts-designed Learning Management System (LMS) and ExamReady platform.
    • Being an official Google Cloud Platform Training Partner, we offer authored curricula aligned with industry standards.

     

Who Should Attend this Course on Security in Google Cloud Specialization:

  • Cloud information security analysts, architects, and engineers
  • Information security/cybersecurity specialists
  • Cloud infrastructure architects

Prerequisites:

Prior completion of Google Cloud Fundamentals: Core Infrastructure or equivalent experience Prior completion of Networking in Google Cloud or equivalent experience Basic understanding of Kubernetes terminology (preferred but not required) Knowledge of foundational concepts in information security through experience or through online training such as SANS’s SEC301: Introduction to Cyber Security • Basic proficiency with command-line tools and the Linux operating system • environments • Systems Operations experience, including deploying and managing applications, either on-premises or in a public cloud environment • Reading comprehension of code in Python or Javascript

Why choose CloudThat as your Security in Google Cloud Training Partner?

  • Specialized GCP Focus: CloudThat specializes in cloud technologies, offering focused and specialized training programs. We are Authorized Trainers for the Google Cloud Platform. This specialization ensures in-depth coverage of GCP services, use cases, best practices, and hands-on experience tailored specifically for GCP.
  • Industry-Recognized Trainers: CloudThat has a strong pool of industry-recognized trainers certified by GCP. These trainers bring real-world experience and practical insights into the training sessions, comprehensively understanding how GCP is applied in different industries and scenarios.
  • Hands-On Learning Approach: CloudThat emphasizes a hands-on learning approach. Learners can access practical labs, real-world projects, and case studies that simulate actual GCP environments. This approach allows learners to apply theoretical knowledge in practical scenarios, enhancing their understanding and skill set.
  • Customized Learning Paths: CloudThat understands that learners have different levels of expertise and varied learning objectives. We offer customized learning paths, catering to beginners, intermediate learners, and professionals seeking advanced GCP skills.
  • Interactive Learning Experience: CloudThat's training programs are designed to be interactive and engaging. We utilize various teaching methodologies like live sessions, group discussions, quizzes, and mentorship to keep learners engaged and motivated throughout the course.
  • Placement Assistance and Career Support: CloudThat often provides placement assistance and career support services. This includes resume building, interview preparation, and connecting learners with job opportunities through our network of industry partners and companies looking for GCP-certified professionals.
  • Continuous Learning and Updates: CloudThat ensures that our course content is regularly updated to reflect the latest trends, updates, and best practices within the GCP ecosystem. This commitment to keeping the content current enables learners to stay ahead in their GCP knowledge.
  • Positive Reviews and Testimonials: Reviews and testimonials from past learners can strongly indicate the quality of training provided. You can Check feedback and reviews about our GCP courses that can provide potential learners with insights into the effectiveness and value of the training.

Learning objective of the Google Cloud security solutions Course

  • Design and deploy secure Google Cloud solutions leveraging core components like Cloud Identity, Resource Manager, IAM, and network security mechanisms.
  • Enforce least privilege with IAM and utilize Identity-Aware Proxy to restrict application access based on identity and context, ensuring only authorized users access your environment.
  • Configure VPC firewalls and Cloud Armor to control inbound and outbound traffic, effectively deflecting malicious attacks and securing your network perimeter.
  • Implement effective data protection measures like Cloud Data Loss Prevention and VPC Service Controls to safeguard sensitive information and isolate critical workloads.
  • Analyze resource metadata changes through audit logs and conduct comprehensive security assessments with Forseti to identify and remediate vulnerabilities, especially those related to public access.
  • Cultivate best practices for data encryption, incident response, and ongoing security monitoring to ensure your Google Cloud environment remains resilient against evolving threats.

Course modules: Download Course Outline

Topics:

  • Google Cloud’s Approach to Security
  • The Shared Security Responsibility Model
  • Threats Mitigated by Google and Google Cloud
  • Access Transparency

Topics:

  • Cloud Identity
  • Google Cloud Directory Sync
  • Google Authentication Versus SAML-based SSO
  • Authentication Best Practices

Topics:

  • Resource Manager
  • IAM Roles
  • IAM Policies
  • IAM Recommender
  • IAM Troubleshooter
  • IAM Audit Logs
  • IAM Best Practices

Activities:

  • Lab: Configuring IAM

Topics:

  • VPC Firewalls
  • Load Balancing and SSL Policies
  • Interconnect and Peering Policies
  • Best Practices for VPC Networks
  • VPC Flow Logs

Activities:

  • Lab: Configuring VPC Firewalls
  • Lab: Configuring and Using VPC Flow Logs in Cloud Logging

Service Accounts, IAM Roles and API Scopes

  • Managing VM Logins
  • Organization Policy Controls
  • Compute Engine Best Practices
  • Encrypting Disks with CSEK

Activities:

  • Lab: Configuring, Using, and Auditing VM Service Accounts and Scopes
  • Lab: Encrypting Disks with Customer-Supplied Encryption Keys

Topics:

  • Cloud Storage IAM permissions and ACLs
  • Auditing Cloud Data
  • Signed URLs and Policy Documents
  • Encrypting with CMEK and CSEK
  • Cloud HSM
  • BigQuery IAM Roles and Authorized Views
  • Storage Best Practices

Activities:

  • Lab: Using Customer-Supplied Encryption Keys with Cloud Storage
  • Lab: Using Customer-Managed Encryption Keys with Cloud Storage and Cloud KMS
  • Lab: Creating a BigQuery Authorized View

Topics:

  • Types of Application Security Vulnerabilities
  • Web Security Scanner
  • Threat: Identity and Oauth Phishing
  • Identity-Aware Proxy
  • Secret Manager

Activities:

  • Lab: Using Web Security Scanner to Find Vulnerabilities in an App Engine Application
  • Lab: Configuring Identity-Aware Proxy to Protect a Project
  • Lab: Configuring and Using Credentials with Secret Manager

Topics:

  • Introduction to Kubernetes/GKE
  • Authentication and Authorization
  • Hardening Your Clusters
  • Securing Your Workloads
  • Monitoring and Logging

Topics:

  • How DDoS Attacks Work
  • Google Cloud Mitigations
  • Types of Complementary Partner Products

Activities:

  • Lab: Configuring Traffic Blocklisting with Google Cloud Armor

Topics:

  • Threat Ransomware
  • Ransomware Mitigations
  • Threats: Data Misuse, Privacy Violations, Sensitive Content
  • Content-Related Mitigations

Activities:

  • Lab: Redacting Sensitive Data with the DLP API

Topics:

  • Cloud Audit Logs
  • Deploying and Using Forseti 

Activities:

  • Lab: Installing Cloud Logging and Monitoring Agents
  • Lab: Configuring and Using Cloud Logging and Monitoring
  • Lab: Configuring and Viewing Cloud Audit Logs

Select Course date

Loading Dates...
Add to Wishlist

Course ID: 19275

Course Price at

Loading price info...
Enroll Now
Enquire Now