Security Best Practices in Google Cloud
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud Platform. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution, including Cloud Storage access control technologies, Security Keys, Customer-Supplied Encryption Keys, API access controls, scoping, shielded VMs, encryption, and signed URLs. It also covers securing Kubernetes environments.
What you'll learn
This self-paced training course gives participants broad study of security controls and techniques on Google Cloud Platform. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution, including Cloud Storage access control technologies, Security Keys, Customer-Supplied Encryption Keys, API access controls, scoping, shielded VMs, encryption, and signed URLs. It also covers securing Kubernetes environments.
Table of contents
- Module Overivew 1m
- Compute Engine Identity and API Access 2m
- VM and API Scopes 2m
- Connecting to Virtual Machines 6m
- Organization Policy Service 2m
- Organization Policy Constraints 2m
- Compute Engine Security 4m
- Using shielded VMs to maintain the integrity of virtual machines 5m
- Lab Intro: Configuring, Using, and Auditing VM Service Accounts and Scopes 0m
- Getting Started With GCP And Qwiklabs 4m
- Lab: Configuring, using, and auditing VM service accounts and scopes 0m
- Encryption Overview 3m
- Customer Supplied and Managed Keys 2m
- Lab Intro: Encrypting Disks with Customer-Supplied Encryption Keys 0m
- Lab: Encrypting Disks with Customer-Supplied Encryption Keys 0m
- Module Overview 2m
- Cloud Storage Permissions and Roles 3m
- Auditing Storage Buckets 2m
- Signed URLS and Signed Policy Documents 4m
- Encrypting Cloud Storage objects with CMEK and CSEK 2m
- Lab Intro: Using Customer-Supplied Encryption Keys with Cloud Storage 0m
- Lab: Using Customer-Supplied Encryption Keys with Cloud Storage 0m
- Lab Intro: Using Customer-Managed Encryption Keys with Cloud Storage and Cloud KMS 0m
- Lab: Using Customer-Managed Encryption Keys with Cloud Storage and Cloud KMS 0m
- What is an HSM? 1m
- Features of Google Cloud HSM 3m
- Demo: Using and Verifying Keys in Cloud HSM 5m
- BigQuery IAM Roles and Authorized Views 2m
- Lab Intro: Creating a BigQuery Authorized View 0m
- Lab: Creating a BigQuery authorized view 0m
- Cloud Storage Best Practices 2m
- Big Query Storage Best Practices 1m
- Module Overview 1m
- Application Vulnerabilities 4m
- How Cloud Security Scanner Works 3m
- Avoiding Unwanted Impact 2m
- Lab Intro: Using Cloud Security Scanner to Fix Vulnerabilities in an App Engine Application 0m
- Lab: Using Cloud Security Scanner to find vulnerabilities in an App Engine application 0m
- Types of Phishing Attacks 3m
- Cloud Identity-Aware Proxy (Cloud IAP) 2m
- Lab Intro: Configuring Cloud Identity-Aware Proxy 0m
- Secret Manager 11m
- Lab Intro: Configuring and Using Credentials with Secret Manager 0m
- Lab: Configuring and using credentials with Secret Manager 0m
