This self-paced training course gives participants broad study of security controls and techniques on Google Cloud Platform.
Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution, including Cloud Identity, the GCP Resource Manager, Cloud IAM, Google Virtual Private Cloud firewalls, Google Cloud Load balancing, Cloud CDN, Cloud Storage access control technologies, Stackdriver, Security Keys, Customer-Supplied Encryption Keys, the Google Data Loss Prevention API, and Cloud Armor. Participants learn mitigations for attacks at many points in a GCP-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use.
To get the most out of this course, participants should have:
* Prior completion of Google Cloud Platform Fundamentals: Core Infrastructure or equivalent experience
* Prior completion of GCP and Hybrid Networking Deep Dive or equivalent experience
* Knowledge of foundational concepts in information security, such as
* vulnerability, threat, attack surface
* confidentiality, integrity, availability
* common threat types and their mitigation strategies
* public-key cryptography
* public and private key pairs
* cipher types
* certificate authorities
* Transport Layer Security/Secure Sockets Layer encrypted communication
* public key infrastructures
* security policy
* Basic proficiency with command-line tools and Linux operating system environments
* Systems Operations experience, deploying and managing applications, on-premises or in a public cloud environment
>>> By enrolling in this course you agree to the Qwiklabs Terms of Service as set out in the FAQ and located at: https://qwiklabs.com/terms_of_service
Welcome to Managing Security in Google Cloud Platform
-Welcome to the Foundations of Google Cloud Platform Security module, part of the Security in Google Cloud course. This course gives participants broad study of security controls and techniques on Google Cloud. Through lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution.
Foundations of GCP Security
-Securing systems is a hot topic and should be a priority for everyone today - and, as you will see, it is definitely a priority here at Google. In this module we will introduce you to Google Cloud’s approach to security. We will also discuss the shared security responsibility model, which is a collaborative effort between Google and its users. Next, we will outline several threats that are mitigated for you when your systems are run on Google’s infrastructure in Google Cloud. And, finally, we will end with a section on access transparency.
-In this module we will discuss Cloud Identity, a service which makes it easy to manage cloud users, devices, and apps from one console. We will also discuss a few related features to help reduce the operational overhead of managing Google Cloud users, such as the Google Cloud Directory Sync and Single Sign-On. We will end with some authentication best practices.
Identity and Access Management (IAM)
-Cloud Identity and Access Management (or Cloud IAM as it is known) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage your cloud resources centrally. More specifically, we will cover; the Resource Manager which enables you to centrally manage projects, folders, and organizations, IAM roles and policies, including custom roles, and Cloud IAM best practices, including separation of duties and the principle of least privilege.
VPCs for Isolation and Security
-Managed networking on Google Cloud utilizes a Virtual Private Cloud (or VPC). In this module we will discuss VPC related security concepts including: VPC firewalls, load balancing SSL policies, network Interconnect & peering options, VPC network best practices and VPC flow logs. You will also have the opportunity to practice what you’ve learned, by completing the labs exercises “Configuring VPC Firewalls” and “Using and Viewing VPC Flow Logs in Stackdriver.”