​K Labs mette a tua disposizione i propri Trainers Certificati, i Laboratori Didattici, i Simulatori di Esame, il proprio Test Center e un Tutor a te dedicato per la preparazione all'esame.


Grazie al nostro supporto la percentuale di candidati che ottengono la certificazione al primo tentativo è prossima al 100%.​

fabio-oyxis2kalvg-unsplash (1).jpeg
939869167014516ec34430a26728e18e 2
logo k labs nuovo-white

Rimani aggiornato sulle novità formative.

Lasciaci la tua e-mail!​

Rimani aggiornato sulle novità formative.

Lasciaci la tua e-mail!​




CLOUD, Certification, IOT, Kubernetes, Security, artificialintelligence, machinelearning, bigdata, deeplearning, bigquery, cloudsecurityengineer, datasecurity

NewCondition 1600.00
Pre-Order

DESCRIPTION
This workshop is designed to help IT professionals prepare for the Google Professional Cloud Security Engineer certification exam. In this workshop, we review the exam guidelines and cover the main topics you may be tested on.

The Professional Cloud Security Engineer exam assesses your ability to design and implement a secure infrastructure on Google Cloud Platform. The exam, and hence this course, focuses on many aspects of Cloud Security including managing identity and access management, defining organizational structure and policies, using Google technologies to provide data protection, configuring network security defenses, collecting and analyzing Google Cloud Platform logs, managing incident responses, and an understanding of regulatory concerns.

OBJECTIVES
Prepare for the Google Professional Cloud Security Engineer certification exam
Configure access within a cloud solution environment
Configure network security
Ensure data protection
Manage operations within a cloud solution environment
Ensure compliance

PREREQUISITES
This workshop assumes prior knowledge of Google Cloud Platform (GCP) and is not an introduction to GCP. We strongly recommend taking the Architecting with Google Compute Engine and Security in Google Cloud Platform courses prior to attending this workshop.

To see the full Google Cloud Platform curriculum, click here.

Prior to taking the Professional Cloud Security Engineer certification exam, students must have experience developing applications and services that run on Google Cloud Platform. The exam tests ability in all aspects of Cloud Security including managing identity and access management, defining organizational structure and policies, using Google technologies to provide data protection, configuring network security defenses, collecting and analyzing Google Cloud Platform logs, managing incident responses, and an understanding of regulatory concerns

Practice Quizzes and Hands-On Exercises
This workshop includes instructor lecture, demos, labs, practice quizzes, and links to recommended study materials, videos, and tutorials. Homework assignments are also included to help students further prepare for the exam.

TOPICS
Module 1: Professional Cloud Security Engineer Certification Overview
Exam Overview and Expectations
What You are Tested On
Exam Format
Registering for the Exam

Module 2: Identity and Access Management
Google Cloud Identity
Centrally Manage Users and Groups
Google Admin Console
Configuring Google Cloud Directory Sync (GCDS)
Google Authentication vs. SAML-based SSO
Configuring and Enforcing Two-Factor Authentication
Setting Password Policy for User Accounts
Cloud Identity Best Practices
Cloud IAM
Managing User Access at the Project and Organization Level
Leveraging Primitive, Predefined, and Custom Roles
Creating, Authorizing, and Securing Service Accounts
Managing Service Accounts and Keys
Rotating User-Managed Service Account Keys
Managing Resource Hierarchy
Using Resource Hierarchy for Access Control and Permissions Inheritance
Creating and Managing Organizations
Resource Structures (Orgs, Folders, Projects, and Resources)
Defining and Managing Organization Constraints
Exam Prep
Quiz

Module 3: VPC Network Security
Network Design
VPCs and Subnets
Private vs. Public Addresses
Controlling Network Access
Firewall Rules
Routes
SSH
RDP
Cloud NAT
Connecting Networks
VPNs
VPC Peering
Shared VPCs
Serverless VPC Access
Accessing Google APIs from Private IPs
Exam Prep
Quiz

Module 4: Network Services Security
Securing Access to Instances
OS Login
IAP SSH Tunnel
Shielded VMs
Configuring Secure Load Balancers
Load Balancer Types
Internal Load Balances
External Load Balancers
SSL
DNSSEC
Mitigating DDOS
CDN
Cloud Armor
Basic Rules
WAF Rules
Exam Prep
Quiz

Module 5: Data Security
Encryption at Rest
Envelope Encryption
GCP Default Encryption at Rest
Customer-Managed Encryption Keys (CMEK)
Customer-Supplied Encryption Keys (CSEK)
Managing Keys in Google’s KMS
Using CMEKs with Cloud Storage
Using CMEKs with Persistent Disks
Using CMEKs with BigQuery
Using CMEKs with Cloud SQL
Managing Application Secrets
Managing Storage Buckets
Understanding Google Cloud Storage IAM Permissions and ACLs
Bucket-Only Policies
Managing Cloud Storage Object Lifecycle
Retention Policies
Bucket Locks
Data Loss Prevention
Identifying Sensitive or PII Data
Defining Custom Info Types
Redacting Data from Various File Formats
Using Tokenization and Format Preserving Substitution
Exam Prep
Quiz

Module 6: Securing Applications
Application Security
Cloud Security Scanner
Static Code Analysis
Automate Security Scanning with a CI/CD Pipeline
Hardening Virtual Machines
Creating and Maintaining Container Images
Binary Authorization
Monitoring Application Logs
Backup and Data Loss Strategy
Authentication and Authorization
Identity Platform
Identity Aware Proxy
Context Aware Proxy
PaaS Security
App Engine Security
IAM Roles
Firewall Rules
SSL
Runtime Service Account
Cloud Functions Security
IAM Roles
Runtime Service Account
Cloud Run Security
Kubernetes Security
Configuring Nodes
Node Service Account
RBAC
Kubernetes Networking
Configuring Ingresses for TLS
Secrets
Secret Manager
Exam Prep
Quiz

Module 7: Managing Operations
Logging, Monitoring, and Alerting
Organizational Policies
Cloud Audit Logging
Installing Logging and Monitoring Agents in AWS and GCP
Integrating Monitoring, Logging, and Diagnostics
Exporting Logs for Near Real-time Monitoring and Long-Term Storage
Monitoring for Security Events
Detect Violations of Policies at Scale with Forseti
Alerting
Security Command Center
Assets
Findings
Vulnerabilities
Threat Detection
Data Loss Prevention
VPC Service Controls
Define a Security Perimeter Around GCP Resources
Mitigate the Risk of Data Exfiltration
Exam Prep
Quiz

Module 8: Compliance
Legal and Regulatory Compliance
Regulatory Concerns
PCI-DSS
Determining Which Compute Environment Is Appropriate Based on Company Compliance Standards
Shared Responsibility Model
Guarantees and Constraints for Each Compute Environment (Compute Engine, Kubernetes Engine, App Engine)
Limiting Compute and Data for Regulatory Compliance
Exam Prep
Quiz

google-cloud-advanced-skills-certification-workshop-professional-cloud-security-engineer
logo k labs nuovo-white

K Labs S.r.l.

Tel. +39 059 821229 | info@klabs.it

P.Iva IT02034520367

PRIVACY E COOKIE

©2024  K LABS Srl - TUTTI I DIRITTI RISERVATI


linkedin

©2024  K LABS Srl - TUTTI I DIRITTI RISERVATI

PRIVACY E COOKIE


linkedin

FOLLOW US

FOLLOW US