Google Cloud

Security in Google Cloud

מספר הקורס 4325

24 סה"כ שעות אקדמאיות
3 מפגשים
* מספר המפגשים והשעות למפגש עשויים להשתנות בין קורס לקורס

המועדים הקרובים

קורס לקבוצות

הקורס נפתח במתכונת של קבוצה בלבד, בהתאמה אישית לארגונים.
לפרטים נוספים:

ספרו לי עוד


This course gives participants broad study of security controls and techniques on Google Cloud Platform. Through lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure GCP solution. Participants also learn mitigation techniques for attacks at many points in a GCP-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use.


On Completion, Delegates will be able to

Understand the Google approach to security

Manage administrative identities using Cloud Identity

Implement least privilege administrative access using Google Cloud Resource Manager, Cloud IAM

Implement IP traffic controls using VPC firewalls and Cloud Armor

Implement Identity Aware Proxy

Analyze changes to the configuration or metadata of resources with GCP audit logs

Scan for and redact sensitive data with the Data Loss Prevention API

Scan a GCP deployment with Forseti

Remediate important types of vulnerabilities, especially in public access to data and VMs


Who Should Attend

Cloud information security analysts, architects, and engineers

Information security/cybersecurity specialists

Cloud infrastructure architects

Developers of cloud applications


תכנית הלימודים

Full syllabus
PDF להורדה

Part 1: Networking in Google Cloud: Defining and Implementing Networks

Module 1: Google Cloud VPC Networking Fundamentals

In this module, we're going to cover the fundamentals of Virtual Private Cloud (VPC) networking in Google Cloud. This includes the different types of VPC objects, Internal DNS, Cloud DNS, IP aliases and VMs with multiple network interfaces.

Module 2: Controlling Access to VPC Networks

In this module, we're going to cover ways to control access to VPC Networks. This includes Cloud Identity and Access Management (Cloud IAM) and firewall rules.

 Module 3: Sharing Networks across Projects

In this module, we are going to cover two configurations for sharing VPC networks across Google Cloud projects. First, we will go over Shared VPC which allows you to share a network across several projects in your Google Cloud organization. Then, we will go over VPC Network Peering which allows you to configure private communication across projects in the same or different organizations.

 Module 4: Load Balancing

In this module, we are going to cover the five different types of load balancers that are available in Google Cloud. We will also go over managed instance groups, Cloud Armor and Cloud CDN.


Part 2: Networking in Google Cloud: Hybrid Connectivity and Network Management

Module 5: Hybrid Connectivity

In this module, we are going to cover the Google Cloud interconnect and peering services available to connect your infrastructure to Google Cloud. These services are Dedicated Interconnect, Partner Interconnect, IPsec VPN, Direct Peering and Carrier Peering.

Module 6: Networking Pricing and Billing

In this module, we are going to cover how Google Cloud networking features are charged for, how to leverage Network Service Tiers to optimize your spend and how to administer billing within Google Cloud.

Module 7: Network Monitoring and Troubleshooting

In this module, we are going to cover network monitoring and logging features that can help you troubleshoot your Google Cloud network infrastructure.

  • Prior completion of Google Cloud Fundamentals: Core Infrastructure course or equivalent experience
  • Prior completion of Networking in Google Cloud or equivalent experience
  • Knowledge of foundational concepts in information security:

    • Fundamental concepts:

      • vulnerability, threat, attack surface
      • confidentiality, integrity, availability
    • Common threat types and their mitigation strategies
    • Public-key cryptography

      • Public and private key pairs
      • Certificates
      • Cipher types
      • Key width
    • Certificate authorities
    • Transport Layer Security/Secure Sockets Layer encrypted communication
    • Public key infrastructures
    • Security policy
  • Basic proficiency with command-line tools and Linux operating system environments
  • Systems Operations experience, including deploying and managing applications, either on-premises or in a public cloud environment
  • Reading comprehension of code in Python or JavaScript

Schedule Appointment

Fill out the form below, and we will be in touch shortly.

לא הצלחנו לאתר את הטופס.