Google GCP-PCSE (Professional Cloud Security Engineer) Training in Pune/ Online
Duration of Training : 32 Hours
Batch type : Weekdays/Weekends
Mode of Training : Classroom/Online/Corporate Training
Why Radical Technologies
Configuring access within a cloud solution environment
Configuring Cloud Identity. Considerations include:
– Managing Cloud Identity
– Configuring Google Cloud Directory Sync
– Managing super administrator account
– Automating user lifecycle management process
– Administering user accounts and groups programmatically
Managing service accounts. Considerations include:
– Protecting and auditing service accounts and keys
– Automating the rotation of user-managed service account keys
– Identifying scenarios requiring service accounts
– Creating, authorizing, and securing service accounts
– Securely managing API access management
– Managing and creating short-lived credentials
Managing authentication. Considerations include:
– Creating a password policy for user accounts
– Establishing Security Assertion Markup Language (SAML)
– Configuring and enforcing two-factor authentication
Managing and implementing authorization controls. Considerations include:
– Managing privileged roles and separation of duties
– Managing IAM permissions with basic, predefined, and custom roles
– Granting permissions to different types of identities
– Understanding difference between Cloud Storage IAM and ACLs
– Designing identity roles at the organization, folder, project, and resource level
– Configuring Access Context Manager
Defining resource hierarchy. Considerations include:
– Creating and managing organizations
– Designing resource policies for organizations, folders, projects, and resources
– Managing organization constraints
– Using resource hierarchy for access control and permissions inheritance
– Designing and managing trust and security boundaries within Google Cloud projects
Configuring network security
Designing network security. Considerations include:
– Configuring network perimeter controls (firewall rules; Identity-Aware Proxy (IAP))
– Configuring load balancing (global, network, HTTP(S), SSL proxy, and TCP proxy load balancers)
– Identifying Domain Name System Security Extensions (DNSSEC)
– Identifying differences between private versus public addressing
– Configuring web application firewall (Google Cloud Armor)
– Configuring Cloud DNS
Configuring network segmentation. Considerations include:
– Configuring security properties of a VPC network, VPC peering, Shared VPC, and firewall rules
– Configuring network isolation and data encapsulation for N tier application design
– Configuring app-to-app security policy
Establishing private connectivity. Considerations include:
– Designing and configuring private RFC1918 connectivity between VPC networks and Google Cloud projects (Shared VPC, VPC peering)
– Designing and configuring private RFC1918 connectivity between data centers and VPC network (IPSEC and Cloud Interconnect).
– Establishing private connectivity between VPC and Google APIs (Private Google Access, Private Google Access for on-premises hosts, Private Service Connect)
– Configuring Cloud NAT
Ensuring data protection
Protecting sensitive data. Considerations include:
– Inspecting and redacting personally identifiable information (PII)
– Configuring pseudonymization
– Configuring format-preserving substitution
– Restricting access to BigQuery datasets
– Configuring VPC Service Controls
– Securing secrets with Secret Manager
– Protecting and managing compute instance metadata
Managing encryption at rest. Considerations include:
– Understanding use cases for Google default encryption, customer-managed encryption keys (CMEK), customer-supplied encryption keys (CSEK), Cloud External Key Manager (EKM), and Cloud HSM
– Creating and managing encryption keys for CMEK, CSEK, and EKM
– Applying Google’s encryption approach to use cases
– Configuring object lifecycle policies for Cloud Storage
– Enabling confidential computing
Managing operations in a cloud solution environment
Building and deploying secure infrastructure and applications. Considerations include:
– Automating security scanning for Common Vulnerabilities and Exposures (CVEs) through a CI/CD pipeline
– Automating virtual machine image creation, hardening, and maintenance
– Automating container image creation, verification, hardening, maintenance, and patch management
Configuring logging, monitoring, and detection. Considerations include:
– Configuring and analyzing network logs (firewall rule logs, VPC flow logs, packet mirroring)
– Designing an effective logging strategy
– Logging, monitoring, responding to, and remediating security incidents
– Exporting logs to external security systems
– Configuring and analyzing Google Cloud audit logs and data access logs
– Configuring log exports (log sinks, aggregated sinks, logs router)
– Configuring and monitoring Security Command Center (Security Health Analytics, Event Threat Detection, Container Threat Detection, Web Security Scanner)
Ensuring compliance
Determining regulatory requirements for the cloud. Considerations include:
– Determining concerns relative to compute, data, and network
– Evaluating security shared responsibility model
– Configuring security controls within cloud environments
– Limiting compute and data for regulatory compliance
– Determining the Google Cloud environment in scope for regulatory compliance
Learn Google GCP-PCSE – Course in Pune with Training, Certification & Guaranteed Job Placement Assistance!
Online Batches Available for the Areas
Ambegaon Budruk | Aundh | Baner | Bavdhan Khurd | Bavdhan Budruk | Balewadi | Shivajinagar | Bibvewadi | Bhugaon | Bhukum | Dhankawadi | Dhanori | Dhayari | Erandwane | Fursungi | Ghorpadi | Hadapsar | Hingne Khurd | Karve Nagar | Kalas | Katraj | Khadki | Kharadi | Kondhwa | Koregaon Park | Kothrud | Lohagaon | Manjri | Markal | Mohammed Wadi | Mundhwa | Nanded | Parvati (Parvati Hill) | Panmala | Pashan | Pirangut | Shivane | Sus | Undri | Vishrantwadi | Vitthalwadi | Vadgaon Khurd | Vadgaon Budruk | Vadgaon Sheri | Wagholi | Wanwadi | Warje | Yerwada | Akurdi | Bhosari | Chakan | Charholi Budruk | Chikhli | Chimbali | Chinchwad | Dapodi | Dehu Road | Dighi | Dudulgaon | Hinjawadi | Kalewadi | Kasarwadi | Maan | Moshi | Phugewadi | Pimple Gurav | Pimple Nilakh | Pimple Saudagar | Pimpri | Ravet | Rahatani | Sangvi | Talawade | Tathawade | Thergaon | Wakad