Security Best Practices in Google Cloud
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud.
What you'll learn
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution, including Cloud Storage access control technologies, Security Keys, Customer-Supplied Encryption Keys, API access controls, scoping, shielded VMs, encryption, and signed URLs. It also covers securing Kubernetes environments. This is the second course of the Security in Google Cloud series. After completing this course, enroll in the Mitigating Security Vulnerabilities on Google Cloud course.
Table of contents
- Module Overview 1m
- Compute Engine Identity and API Access 2m
- VM and API Scopes 2m
- Connecting to Virtual Machines 6m
- Organization Policy Service 2m
- Organization Policy Constraints 2m
- Compute Engine Security 4m
- Using shielded VMs to maintain the integrity of virtual machines 5m
- Lab Intro: Configuring, Using, and Auditing VM Service Accounts and Scopes 0m
- Lab: Configuring, Using, and Auditing VM Service Accounts and Scopes 0m
- Encryption Overview 3m
- Customer Supplied and Managed Keys 2m
- Lab Intro: Encrypting Disks with Customer-Supplied Encryption Keys 0m
- Lab: Encrypting Disks with Customer-Supplied Encryption Keys 0m
- Module Overview 2m
- Cloud Storage Permissions and Roles 3m
- Auditing Storage Buckets 2m
- Signed URLS and Signed Policy Documents 4m
- Encrypting Cloud Storage objects with CMEK and CSEK 2m
- Lab Intro: Using Customer-Supplied Encryption Keys with Cloud Storage 0m
- Lab: Using Customer-Supplied Encryption Keys with Cloud Storage 0m
- Lab Intro: Using Customer-Managed Encryption Keys with Cloud Storage and Cloud KMS 0m
- Lab: Using Customer-Managed Encryption Keys with Cloud Storage and Cloud KMS 0m
- What is an HSM? 1m
- Features of Google Cloud HSM 3m
- Demo: Using and Verifying Keys in Cloud HSM 5m
- BigQuery IAM Roles and Authorized Views 2m
- Lab Intro: Creating a BigQuery Authorized View 0m
- Lab: Creating a BigQuery Authorized View 0m
- Cloud Storage Best Practices 2m
- Big Query Storage Best Practices 1m
- Module Overview 1m
- Application Vulnerabilities 4m
- How Web Security Scanner Works 3m
- Avoiding Unwanted Impact 2m
- Lab Intro: Using Web Security Scanner to Find Vulnerabilities in an App Engine Application 0m
- Lab: Using Web Security Scanner to Find Vulnerabilities in an App Engine Application 0m
- Types of Phishing Attacks 3m
- Identity-Aware Proxy (IAP) 2m
- Lab Intro: Configuring Identity-Aware Proxy 0m
- Lab: Configuring IAP to Protect a Project 0m
- Secret Manager 11m
- Lab Intro: Configuring and Using Credentials with Secret Manager 0m
- Lab: Configuring and Using Credentials with Secret Manager 0m
