GCP Security Engineer
Google Cloud Security Engineer Online Training
Duration:- 2 Weeks
1,GCP Fundamentals
Regions & Zones
[Create Process] Create GCP Account
[Hands-on] Create GCP Free Tier Account
Cloud Security Examination (Certification)
2,Security at Google
Why we believe google to deploy our applications
Securing GCP Infrastructure
Configuring access within Cloud Solution Env
incident-response
https://cloud.google.com/docs/security/incident-response
3,Cloud Identity
Cloud Identity - Google Account
Cloud Identity - Google Workspace Account
[Hands-on] - Cloud Identity
[Hands-on] - Cloud Identity Verfication
4,Managing Cloud Identity
Exploring Google Admin Console
[Hands-on] adding users
[Hands-on] Creating Google Groups
Password Policy and Enforce 2 SV verification
Google Cloud Directory Sync
SSO Configure
5,Resource Hierarchy
Resource Hierarchy in GCP (Org, Folder and Projects)
[Hands-on] (creating folders, creating projects)
[Hands-on] Creating Organization Policy - I
[Hands-on] Creating Organization Policy - II
6,Cloud IAM
Identity Access Management[identity, Roles & Permissions]
Primitive Roles
Pre-defined Roles
assigning Primitive roles to user [Hands-on]
assigning Pre-defined roles to user [Hands-on]
7,Service Accounts
Introduction of Service Accounts
Create Service Accounts
[Hands-on] assigning Service account to vm
[Hands-on] Cloud API Access Scope - IAM
[Hands-on] Cloud API Access Scope - Legacy
Service Account Role [Hands-on]
Service Account RSA private keys [Hands-on]
8,Configuring network security & VPC
CIDR Notation
Exploring Default VPC & Subnets
Create Auto VPC [Hands-on]
Create Custom VPC with a subnet [Hands-on]
Create VM with a Custom VPC [Hands-on]
Firewall & Ports
Creating Firewall Rule [Hands-on]
Internal & External IPAddress
Internal & External IPAddress [Hands-on]
Static & Ephemeral IPAddress
Static & Ephemeral IPAddress [Hands-on]
VPC Peering
VPC Peering [Hand-on]
9,Hybrid Network Connectivity
Hybrid connectivity options
Create Cloud Interconnect
Dedicated Interconnect vs partner Interconnect
10,Advanced Network topics
DNSSEC
Google Private Access[Hands-on]
Identity Aware Proxy
Identity Aware Proxy with a application [Hands-on]
11,Data Loss Prevention API (DLP)
Introduction DLP API
[hands-on] DLP API
Templates, Info_types & Matchs
Create Stored Info_types [Hands-on]
Create Template [Hands-on]
Create job for inspection [Hands-on]
Template for De-identification [Hands-on]
12,Data Encrypting at rest
Introduction of Encryption
What is KMS
Google Managed Encryption Keys
Customer Managed Encryption Keys [Hands-on]
Customer supplied Encryption Keys [Hands-on]
Object Life Cycle Rules [Hands-on]
Introduction of Secret manager
App Secrets with Secret manager [Hands-on]
What is Cloud Function
Fetch Secret from Cloud Function
13,Managing GCP Operations with compliance
What is RPO & RTO
What is Authentication vs Authorization
Backup Data Part [Hands-on]
Database Backup [Hands-on]
Web Security Scanner [Hands-on]
Security Command Center [Hands-on]
What is Cloud Logging
Exploring Cloud Logging
Cloud Log Sinks
Container Scanning API
Binary Authorization
Forseti Security
14,Cloud Armor
Introduction of Cloud Armor
Cloud Armor Demo_1 [Hands-on]
Cloud Armor Demo_2 [Hands-on]
Delete All Resources [Hands-on]
