Professional Security Engineer Training
Master security on Google Cloud with this comprehensive 5-day training. Learn to configure access, configure network security, ensure data protection, manage operations, and ensure compliance.
Training Details
Section titled “Training Details”| Duration | 5 days (40 hours) |
| Level | Advanced |
| Delivery | In-person, Live online, Hybrid |
| Certification | Google Cloud Certified: Professional Cloud Security Engineer |
Who Is This For?
Section titled “Who Is This For?”- Security engineers working with GCP
- Cloud security specialists
- Security architects
- Anyone preparing for Professional Cloud Security Engineer certification
Learning Outcomes
Section titled “Learning Outcomes”After completing this training, you’ll be able to:
- Configure access within cloud solutions
- Configure network security
- Ensure data protection
- Manage operations and incident response
- Support compliance requirements
- Implement security automation
Detailed Agenda
Section titled “Detailed Agenda”Day 1: Identity and Access Management
Section titled “Day 1: Identity and Access Management”Module 1: Cloud Identity and IAM
- IAM best practices
- Service accounts and keys
- Workload identity
- Hands-on: Configure IAM
Module 2: Resource Hierarchy and Organization
- Organization policies
- Resource hierarchy design
- Policy inheritance
- Hands-on: Implement org policies
Module 3: Authentication and Authorization
- Identity-Aware Proxy
- OAuth and OIDC
- Context-aware access
- Hands-on: Implement authentication
Day 2: Network Security
Section titled “Day 2: Network Security”Module 4: VPC Security
- Private Google Access
- VPC Service Controls
- Firewall rules
- Hands-on: Configure VPC security
Module 5: Load Balancing and DDoS Protection
- Cloud Armor WAF
- SSL policies
- DDoS mitigation
- Hands-on: Implement Cloud Armor
Module 6: Interconnect Security
- VPN and Interconnect security
- Private connectivity
- Network security monitoring
- Hands-on: Secure hybrid connectivity
Day 3: Data Protection
Section titled “Day 3: Data Protection”Module 7: Encryption Strategies
- Cloud KMS key management
- Customer-managed encryption keys
- Encryption at rest and in transit
- Hands-on: Implement encryption
Module 8: Data Loss Prevention
- DLP API for sensitive data
- Data classification
- Redaction and masking
- Hands-on: Configure DLP
Module 9: Secret Management
- Secret Manager
- API key management
- Certificate management
- Hands-on: Manage secrets securely
Day 4: Security Operations
Section titled “Day 4: Security Operations”Module 10: Security Command Center
- Asset discovery and inventory
- Vulnerability scanning
- Threat detection
- Hands-on: Configure SCC
Module 11: Logging and Monitoring
- Cloud Audit Logs
- VPC Flow Logs
- Log analysis for security
- Hands-on: Monitor security events
Module 12: Incident Response
- Forensics and investigation
- Event Threat Detection
- Automated response
- Hands-on: Respond to incidents
Day 5: Compliance and Advanced Security
Section titled “Day 5: Compliance and Advanced Security”Module 13: Compliance and Governance
- Compliance frameworks
- Access Transparency
- Compliance reporting
- Hands-on: Implement compliance
Module 14: Container and Kubernetes Security
- GKE security features
- Binary Authorization
- Pod security policies
- Hands-on: Secure GKE
Module 15: Exam Preparation
- Exam format and scenarios
- Security case studies
- Practice questions
Prerequisites
Section titled “Prerequisites”- 2+ years security experience
- GCP fundamentals knowledge
- Understanding of networking and OS security
- Security framework knowledge
Delivery Formats
Section titled “Delivery Formats”| Format | Description |
|---|---|
| In-Person | On-site at your company’s location, hands-on with direct interaction |
| Live Online | Interactive virtual sessions with screen sharing and real-time labs |
| Hybrid | Combination of on-site and remote sessions, flexible scheduling |
All formats include hands-on labs, course materials, practice exams, and post-training support.