Google Cloud Cybersecurity Certificate Course
Key Takeaways
The Google Cloud Cybersecurity Certificate Course covers cloud cybersecurity, risk management, threat protection, and cloud cyber security attacks, using tools like Google Cloud Console and Cloud Shell, and concepts like defense in-depth model and shared responsibility model
Full Transcript
Step into the world of Google Cloud cyber security and become a digital defender against evolving cyber threats. This certificate program from Google Cloud combines expert-led instruction with hands-on Google Cloud Labs, equipping you to analyze vulnerabilities, build robust defenses, and safeguard critical systems. This complete course can be watched alongside the Google Cloud Skills Boost platform where you will find interactive labs and hands-on practice environments. You get 35 credits free per month for labs, but for faster completion, you can pay for unlimited access. At the end, you can earn a certificate. And thanks to Google for providing a grant to make this course possible. [Music] Picture this. You've got a startup that's just gaining traction. So, you want to organize a database of customers and streamline some of your processes with updated programs. It wasn't too long ago that you'd have to keep all of your data and programs you want to run on premises where your data is physically stored on site in a room full of massive computers. Thankfully, in the 1960s, some innovative engineers thought, "Hey, what if we shared computing power across a bunch of different businesses, so they didn't all have to manage their own systems?" The engineers idea was a success then and continues to evolve today. Consider how far we've come. Today, instead of needing to find a physical space, staff, and surveillance, you can access the resources you need by connecting to a remote data center through the cloud. These remote data centers store awesome amounts of information as well as hardware and software applications and networking equipment, way more than those engineers dreamt. The cloud makes it all possible. I know all this cloud stuff sounds fantastic, and it is. It's also extremely at risk of attack. Cyber criminals know that the cloud holds a ton of valuable data. That data is coming from users and industries all around the world. Cyber criminals also know the cloud is a complex shared environment. So securing the cloud can be challenging. Cloud security is a vital and highly valued profession. It's also an exciting one because as a cloud security team builds robust security, cyber criminals continue to attack. The content in this program will equip you with the knowledge and skills required of entry-level roles in the field of cloud cyber security and career resources including resume and interview prep will help you prepare to apply for jobs in the field. My name is Megan and I'm a security engineer at Google. I'll be your instructor for the first course of this certificate program. I'm on the security reviews team under information security engineering. My team evaluates all of our product and feature launches to make sure they're secure before making them available to the public. I usually describe my job as ethical hacking. My background is in computer science, but I learned a lot about security in different ways. I took introductory security classes in school and learned about networking, disaster recovery, and offensive security through internships. Outside of school, I learned most of my hacking knowledge through online resources, cyber security certificates like this one, and capture the flag challenges. A unique thing about me is that I'm disabled. I have a chronic illness that sometimes makes it difficult to work when I'm having a flare up. I was worried about starting my first full-time job, but my co-workers and managers have been nothing but supportive. The program is divided into courses based on different cloud cyber security processes. The course topics include introduction to cyber security in cloud computing, proven strategies for risk management in the cloud, identifying and protecting against threats in the cloud, and detecting, responding, and recovering from cloud cyber security attacks. Each topic builds on the content before it, so I encourage you to complete the courses in order. The final course is the capstone. It's a great opportunity to demonstrate the knowledge and skills you gained throughout your academic journey. As you work on your project, we've got videos and readings to teach you cloud cyber security concepts and skills. Then, interactive activities and labs will let you practice those concepts and skills. You can take the labs more than once, and lots of learners do. So, if you hit some trouble spots, just keep at it. You'll also have quizzes to confirm your understanding and glosseries to help reinforce key terms. I'll be by your side throughout this first course, making sure you're getting the foundational knowledge you need. Then you'll meet my teammate, Preston. Hello, I'm Preston and I'm a security engineer here at Google. Together, we'll explore cloud risk management frameworks. In this course, you'll learn how to identify risks and implement security controls to mitigate them. You'll also understand compliance while managing data protection and privacy, and you'll compare and adopt frameworks. Next, Manny will take over. Hey there, I'm Manny and I'm a Google security engineer. I'm really excited to introduce you to identity management and access control principles in a cloud environment. We'll check out three of my favorite topics, threat and vulnerability management, cloudnative principles, and data protection measures. Next, in the course on cyber security attacks in cloud, you'll learn from Selene. Hi, my name is Selene and I'm a security engineer at Google. I'm excited to investigate how cloud cyber security professionals can detect, respond, and recover from cyber security attacks. Together, we'll dive into logging, security, and alert monitoring, and mitigation techniques. Last up, you'll meet Louis when you put everything together that you've learned in a capstone project. Hello, I'm Louis, a Google security architect, and I'm going to help you prepare to wow potential employers. Together, we'll put everything you learned from courses 1 through 4 into action in a capstone project. You'll create impressive work examples to share with future employers. We instructors are really happy you're here. So, let's get started. Hey there. Welcome to the first stage of your cloud cyber security learning journey. In this course, you'll explore essential security principles in cloud computing. You'll get an overview of the security life cycle and investigate Google Cloud tools like the Google Cloud Console and Cloud Shell. You'll gain insight into DevSec Ops, which stands for development, security, and operations. This methodology integrates security into the entire software development life cycle. Along the way, you'll discover how you can translate many of the skills you already have into the cloud security field. These transferable skills include problem solving, analytical thinking, collaboration, and communication. One of my favorite things about this field is that as the cloud evolves, so do the ways in which it security can be compromised, which means I get to learn new things all the time. So, let's get started. In this section of the program, you'll kick off with a general introduction to cloud computing and cloud infrastructure. Then you'll examine how virtualization containers and storage function in cloud computing. Next, you'll deepen your defenses in the cloud using security controls, identity and access management, and networking practices. You'll also discover how users and cloud service providers share security responsibilities in different cloud models like infrastructure, software, and platform as a service. Then you'll check out automation in the security life cycle. You'll learn about teams and workflows along with automation's role in software pipelines and infrastructure as code. Plus, you'll explore the software supply chain and the importance of securing it. To wrap up, you'll explore the roles, responsibilities, skills, and tools of a cloud cyber security analyst. You'll experience Google's cloud shell and add lots of tech solutions to your cloud security toolbox. I'm here to help you every step of the way. And keep in mind, you set the pace. When you're ready, head on over to the next topic. When you're learning a special skill, it helps to understand the basics first. You wouldn't try to surf big waves without knowing how to swim. That's why we're going to take a dive into the foundational concepts of cloud computing first, so you can gain the knowledge you'll need to succeed in this program and ride some waves into your future career. You'll start off with an overview of cloud infrastructure. Then, you'll consider key strategies when migrating to the cloud. Next, you'll check out components of cloud computing and learn about how it improves on the traditional on- premises approach. Then, you'll be introduced to containers and their applications in the cloud. You'll discover how containers help users deploy more agile and portable software packages. You'll also review cloud storage options for different data types. When you're ready, let's begin. My name is Ben and I'm the senior vice president of learning and sustainability at Google. I'd always been interested in learning because for me my mom my mother was a school teacher and I felt that um learning is really what enables people to reach a different point than they otherwise would. Uh I know it enabled me to go to a place I could not have dreamt of being were it not for the education I got. And I think that's incredibly uh important for people to have access to that kind of opportunity. And growing up in India, I did have access to a good school. I did not come from a wealthy family, but I had access to a good school. And I saw the difference it made in my life. And I think today with the help of technology, we can hopefully bring more of that opportunity to more people in the world. The cloud is really important because it's a trajectory of where computation is going. If you think about all of the major uh products that you use, almost all of them are now based in some uh online cloud uh data center and they have access to all these amazing computing resources and they enable you to these these services to really provide amazing things for their users. So studying cloud technologies enables you to participate in that whole economy of jobs and of opportunities that consist of building these powerful facilities in the cloud that are being used by people around the world. One of the really interesting ways in which education is evolving is allowing people to build and learn individual skills through various skilling courses. Many aspects of education are not available to everybody everywhere unfortunately but it's possible to build the basic skills that one could get from that one needs from an education more peace meal today and I think the approach of skilling can allow people to build up the pieces of the education that they really need in the way that they have access to in a way that they have time for in a way that they have the resources for. The initial parts of learning anything are learning the basics and the fundamentals. Whether it is a sport or a or or or a physical skill like carpentry or whatever, the first steps are learning the basics. So, persevere with it and it'll get really interesting. I've been working with computers for what is it now over 30 35 years and it is still fascinating every day. Thanks to the cloud, we can now interact with data pretty much anywhere and at any time. Whether it's checking the weather to see if I need a sweater or streaming my favorite podcast. It may seem like magic, but storing all that data and keeping it organized takes infrastructure. Of course, data existed and needed to be stored before the cloud. So, let's check out where we started before learning where we're going. Before the cloud, organizations kept their data in large physical infrastructures, usually on premises. On premises or onrem as we say in the industry, describes information technology infrastructure that's physically located in an organization's own data center or office. This means the organization manages their own servers, networks, and storage to run and store data. Now, the cloud uses these physical structures to run. All of the information it holds is hosted by a cloud service provider, also known as a CSP. And these providers store cloud resources in data centers. A data center is a physical building that stores servers, computer systems, and associated components, creating a centralized location for vast amounts of data. The servers within data centers provide computing power to the cloud. Cables connect the machines, which then link up to other data centers in the area. This is called a zone. A zone is the collective number of data centers in an area. A zone may contain one data center or multiple data centers. And a region is a group of zones. Google Cloud has many regions across the globe and it's always growing. Google Cloud refers to the grouping of zones and regions as failure domains. A failure domain is a resource that can fail without impacting the availability of data. Failure domains can include zones and regions where data is replicated to improve resiliency. Resiliency is the ability to prepare for, respond to, and recover from disruptions. Having data across failure domains is one way that cloud service providers safeguard user data. Let's use an example. Let's say you're a cloud cyber security professional and your organization uses cloud resources in a zone on the coast of Australia. You're in the middle of work one day when there's a power outage to the data center in your zone. It's all okay, though. Your work is safe because you've selected services from your CSP that replicate your resources across other failure domains. The practice of having multiple copies of data in different locations to avoid a single point of failure is referred to as redundancy. Redundancy ensures your data is available when you need it. All right, now you know where data is kept in the cloud. But how is data stored and more importantly, how fast can you access the stored data? With such an incredible amount of information being generated every single second, quick access is essential. This concept is called latency. Latency is the time it takes for data to travel from one location to another. This can be from a user's device to a cloud server or between cloud servers. For example, when you're on a website, the lower the latency, the faster the web page loads. And research shows that 53% of users will leave web pages that don't load within 3 seconds. I am definitely in that 53% for the record. So, CSPs strive to provide low latency to users. Latency, redundancy, and the cloud's underlying infrastructure have the potential to significantly improve an organization's commitment to their users. In fact, these benefits contribute to an organization's digital transformation journey. Digital transformation is when an organization modernizes their applications, services, and customer relationships by using new technologies. The cloud's ability to scale and globally replicate data enables an organization to provide a better user experience to not only their employees, but also their customers. As a cloud security professional, it will be really important to understand how cloud infrastructure works. With your knowledge of these core cloud concepts, your cloud learning journey is underway. No latency here. The cloud delivers infrastructure in a few varieties called deployment models. Let's take a deep dive into the different options users have for tapping into the power of cloud computing. The deployment model is an important consideration for cloud infrastructure. There are three main options, public, private, and hybrid. First up is public cloud, which is a cloud model that delivers computing, storage, and network resources through the internet, allowing users to share on demand resources based on their specific business needs and operational goals. So, the CSP's infrastructure and resources are shared in a multi-tenant environment with other users. A multi-tenant environment is an environment in which cloud infrastructure and resources are shared among users. You never know who your data center neighbor might be. Even though you share resources, the other users can't access your data. Privacy matters. Next up is private cloud, which is a cloud model in which all cloud resources are dedicated to a single user or organization and are created, managed, and owned within on premises data centers. In this cloud model, all cloud resources are dedicated to a single user or organization. They own the underlying infrastructure typically in their own data center but they use a CSP because the infrastructure and resources are dedicated to the single user. The private cloud is a single tenant environment. A single tenant environment is an environment in which cloud infrastructure and resources are dedicated to a single user. This model is especially useful for companies with compliance and/or regulatory considerations. Think of the private cloud as owning a business and the public cloud as renting office space. An individual business is responsible for maintenance and repairs. But the business owner also has the flexibility to make renovations or structural changes like adding a new kitchen. Similarly, using the private cloud means the business has both responsibility and control over the resources and infrastructure. On the other hand, when renting an office space, a business probably has to stick to the current floor plan and are unable to make structural changes, but the management company takes care of the upkeep and repairs like the electrical, heat, and cooling. Your rent probably includes maintenance fees, but the business isn't responsible for the repairs. Much like the public cloud, users pay the CSP for both resource usage and maintenance. Okay. Finally, we have the hybrid cloud, which is a cloud model that combines public and private models, so organizations can enjoy both the cloud services and the control features of on premises cloud models. Hybrid cloud allows users to add a public cloud provider to an existing on premises infrastructure, which increases computing power without adding data center expenses. Because users choose where their applications sit and where computing happens, there are key security and compliance advantages, too. A hybrid cloud is like having a storage unit. The business has the convenience and access of more space without needing to move or expand. With users consuming an increasing amount of cloud resources, the multicloud deployment model has emerged. Multicloud is the strategy of using more than one cloud service provider. For example, your organization might use Google's Gmail service for corporate email and another cloud service provider for storing its data. Whether your future employer is best suited to a public, private, hybrid, or even multicloud model, all offer innovative ways to advance and protect computing resources. All computer users at one time or another experience speed, performance, or storage problems. Maybe you bought a laptop, but it takes longer and longer to load because of limited space left on the hard drive. Or maybe your desktop computer has a lot of memory, but as it gets older, you can't add the app you want because the computer isn't compatible. Well, the cloud can help you with these and lots of other constraints related to storing your data, software, and hardware locally. And that's just what we're going to explore in this video. Specifically, we'll discuss five major cloud benefits. The first benefit of the cloud is faster time to market. With cloud computing, your organization won't waste time, energy, and money buying hardware, waiting for it to be installed and configured, and then inevitably diagnosing hardware problems. And the ability to quickly create infrastructure means getting new apps out to consumers much more quickly. The second benefit of cloud computing is scalability. In an on premises environment, the number of storage devices varies with the demand for data. The cloud security team will need to add new devices in order to manage the growing data. When these devices are no longer needed, the team members have to find another use for the devices because they can't be returned to the supplier. But with the cloud, the resources automatically match the workload, often saving time, effort, and money. Now, just as time to market and scalability often lowers expenses, switching to the cloud itself can provide cost savings. When using an on premises solution, a business is responsible for the costs of physical hardware, the staff managing the devices and data center plus maintenance and service fees. This framework is called capital expenditure or capex. The cloud follows an operational expenditure or opex model. Opex means you only pay for the resources you use. Pretty cool, huh? The CSP is responsible for all upfront costs of physical equipment and spaces like servers, networking devices, and data centers. And because there are so many users, sharing cloud resources cuts the price tag for everyone. Okay, now there's the advantage of better collaboration. When using the cloud, companies don't need a direct connection to physical resources to access their data. With just an internet connection, they can access it from anywhere in the world. This enables globally distributed teams to collaborate easily and efficiently. Another prime advantage is the cloud's extensive security capabilities. And this, of course, is where cloud cyber security professionals really shine. They know how to ensure the confidentiality, integrity, and availability of cloud-based data, applications, and infrastructure. They work hard and think creatively to prevent unauthorized access or criminal exploitation. This keeps cloud assets safe and secure. Likewise, using the cloud helps avoid damage to business resources and information and it prevents data loss because redundancy practices ensure information is replicated across failure domains. You might recall redundancy is the practice of distributing cloud resources across zones and regions. While there are lots of really great benefits to using the cloud, it isn't perfect. So, it's important for cloud cyber security professionals to recognize the cloud's limitations. The reliance on a stable internet connection is of key importance. In some cases, a CSP's network connection might be compromised. This would cause users to experience longer wait times to access their cloud resources. The good news is that CSPs can mitigate this issue by having multiple connections to the internet for each cloud location. In a time when technology is developing at light speed, the cloud provides some key advantages that enable organizations to make the most of these incredible innovations. As a cloud security professional, you'll play a key role in helping your future employer advance its operations, quickly scale, adapt to market changes, minimize costs, and increase data security. These are just some of the ways you can bring a ton of value to any organization you serve. You might know that phrase, the only thing constant is change. This idea of change is directly relevant to cloud technology, especially its ability to constantly keep up with amazing technical advancements, surprising market shifts, ever evolving consumer demands, changing organizational structure, and so much more. The pace of change is accelerating, so it's important to be able to adapt. This can be challenging, but it's also an opportunity to grow and learn, just like you're growing and learning through this training. By embracing change, you're in a better position to stay ahead of the curve and make the most of whatever may come your way. And what's coming your way in this video is an investigation into cloud computing and how it enables businesses to proactively respond to change. Let's start with a quick definition. Cloud computing refers to the practice of using ondemand computing resources as services hosted over the internet. For example, this enables users to reduce information technology or IT overhead while enjoying advantages like scalability, enhanced collaboration, responsiveness, and cost savings. In cloud computing, an instance is a server resource that runs workloads in the cloud. Instances are created or retired quickly to keep pace with the latest releases and updates. Now, a very important part of cloud computing is something called ephemererality. Ephemerality is the concept that things only exist for a short amount of time. In other words, change in the cloud is constant. Cloud security analysts use ephemererality on the job all the time. Take this example. Rather than spending time patching software on enduring physical servers, analysts create a new server image, which is a server in the cloud. Creating a new healthy server means analysts can quickly launch a new instance. Ephemerality helps make the cloud more flexible because resources can easily adapt to change. The CSP enhances the performance of cloud assets. Since assets can scale quickly using ephemererality, ephemeral resources are a big plus in the security field because they are less likely to be targeted by attackers. Cyber criminals would need to quickly find and exploit a vulnerability before it's destroyed. All right, now let's go over the three main categories of cloud computing resources. Compute, storage, and networks. In the cloud, compute refers to computation performed by a physical computer in a remote environment. For example, memory, CPU, and storage are all compute components. Basically, compute is the brain power behind running resources. All of these compute elements run on remote servers, so organizations don't need to worry about managing or providing physical equipment. Organizations can efficiently scale the volume of their data up and down. Let's take an example. Consider a clothing company that offers discounts to online purchases of winter jackets in the spring season. In the past, its website experienced lags and downtime because of the increased traffic. This frustrated customers and negatively affected sales. In response, this retailer opted to migrate to cloud computing, and next spring, the website's workload automatically scaled to meet increased demand. Customers appreciated browsing and checking out quickly thanks to the cloud's low latency. Then, once the peak season was over, the company's compute resources scaled back to normal workload levels. Good for the customer, good for the business. Okay, next up is storage. Cloud data storage is a solution that enables organizations to keep, access, and maintain digital data on off-site cloud-based storage devices. So, just like compute, the CSP uses a remote infrastructure when storing data. Finally, networks in the cloud run using software. Unlike traditional networks that require physical devices, software enables users to change their network designs without buying new hardware. And using a cloud network provides visibility into the communication between your incoming and outgoing network traffic. With cloud computing's compute, storage, and network capabilities, managing workloads is an efficient process. Better yet, from exciting new inventions to sudden disruption and everything in between, the cloud makes it possible to react to change with confidence. Now, I hope that you are also becoming more confident with your knowledge of the cloud. Welcome future security pro. Thanks for joining me for this video all about virtualization and virtual machines. Virtualization is the foundation of cloud computing. As a cloud security analyst, it's going to be super important for you to understand how it works. So let's dive in. Virtualization is a technology that creates a virtual version of physical infrastructure such as servers, storage, and networks. This technology uses virtual machines or VMs to simulate a physical computer. VMs contain their own operating systems like Windows and Linux and use only a portion of the underlying computers compute power. Virtualization uses hypervisors to manage the relationship between physical and virtual resources. A hypervisor is the abstraction layer that sits between the physical computer and the VM. Abstraction is what separates hardware from software. There are two types of hypervisors. Type one also known as bare metal. Type one is more common. It replaces the entire operating system of the underlying computer. Type one hypervisor interact with the operating systems components directly. Having this direct access makes type 1 streamlined and secure. On the flip side, type two hypervisors, also known as hosted, use the computer's existing operating system and runs as an application over the operating system. Type two hypervisors may be easier to install, but you need to take into consideration the extra overhead and security needs of the underlying operating system. So, hypervisors distribute resources across VMs and keep VMs separate so that each one simulates an individual computer. And the hypervisor ensures that information in one VM is not visible to others. In this way, an organization's development team can transform one physical computer into lots of virtual machines instead of buying new hardware each time they need a server. If needed, a development team can also add CPU, memory, and storage space to the VM. Now, let's discuss the three advantages of VMs. Portability, scalability, and testing environments. The first advantage, portability, makes VMs especially useful for hybrid cloud environments where application resources are shared between on premises and cloud infrastructure because each one is an isolated entity. Developers can relocate them throughout a network. The second advantage scalability means that VMs can be scaled to provide additional or fewer resources if the development team's needs change over time. This is unlike physical servers which have a fixed amount of hardware. The third advantage, testing environments help developers test code without worrying about affecting existing infrastructure or users. Plus, VMs simplify testing because developers don't need to deploy complex production environments and they can delete the testing environment machines afterward. As a core foundation of cloud technology, virtualization will be a big part of your future career in the cloud. You'll be a major asset to any employer because you understand the advantages virtualization offers and you can maximize its power. Think about how a package delivered to your door got there from its original location. It probably started off in a warehouse and then went inside a cargo container. There'll be many packages of different sizes inside each container. Next, the containers are loaded onto a transport vehicle like a train car or ship. Multiply this by thousands of containers over the world. They're transported from one place to another. But this doesn't change the contents inside like your package. Okay, so a container is a software package that holds only the components necessary to execute a particular application. Each container has a container image, which is a file with the code and dependencies that the container requires to run the application like documents in a filing cabinet. The cabinet is the container. The folders in each drawer are container images. And those container images store the documents or information needed to perform a task. Developers use something called container registries to upload and download container images. This enables teams to share and deploy consistent images. And organizations use orchestration tools to help deploy, scale, manage, and monitor containers. Packaging software in a container uses less memory and fewer resources because the operating system itself is not included in the container. And bonus, they're isolated from the surrounding environment, which means they're pretty easy to deploy across cloud deployment models like public, private, or hybrid clouds. You'll work with containers a whole lot throughout your career. So, it's important to understand their key benefits, including portability, immutability, and responsibility separation. Let's kick off with portability. Containers enable users to run software quickly from one computing environment to another. This portability helps create cloud tools super efficiently. Unlike virtual machines that have an operating system, containers only house isolated software while using a common underlying operating system. This allows an individual container image to run in multiple locations without the need for a separate operating system. All of this contributes to their portability. Next up, immutability. Immutability means an object can't be changed after it's created and assigned a value. Just like the contents of those shipping containers don't change during transit, cloud containers also can't be modified during their lifetimes. If a container does require a change, users must create a new container image and redeploy it. This also allows developers to seamlessly replace outdated or insecure container images. Immutability makes containers more secure by ensuring consistency across multiple deployments since there is no patching or updating that could cause configuration drifts. Lastly, containers separate the responsibilities among the developers and operations teams. Developers can devote their time to managing the container code and operations teams can concentrate on deploying and managing the container applications. This frees people up to work on the projects where they can bring the most value. And there's nothing like knowing you're playing to your strengths. Guiding you through this lesson was a blast. I can hardly contain myself. Okay, but seriously, I'm confident that you'll bring all kinds of value to your future security team and organization, especially because you'll be able to clearly and confidently advise them about all things containers. There's all kinds of different storage out there for our important documents, data, and more, like hard drives and even your smartphone. These devices are great for personal use, but what if you need to store assets for thousands of users? Well, enter cloud data storage. The cloud makes it possible for organizations to store truly massive amounts of data. And that's what we're going to explore in this video. Cloud data storage is a solution that enables organizations to keep, access, and maintain digital data on off-site cloud-based storage devices. A cloud service provider or CSP is responsible for ensuring the replication and availability of the data and users can retrieve their data using the internet anytime from anywhere. Before cloud data storage, organizations kept data locally in on premises computers or servers. As companies grew, more storage was needed to accommodate the increasing volume of data. Businesses started adding more servers, external hard drives, and larger storage systems to meet this increasing demand. But cloud data storage addresses lots of the challenges associated with traditional methods. Plus, users benefit from scalability, redundancy, cost savings, and security. Let's take a deeper dive here. First, storage using the cloud allows for scalability. When an organization needs to store more data, they can adjust their use of the cloud accordingly without the need to buy, install, organize, and manage new physical devices. Another benefit is redundancy. Redundancy is the practice of distributing cloud resources across zones and regions. This means the CSP duplicates the user data across multiple failure domains, making sure the data is safe and always available. So if a component fails, the redundant backup can take over, allowing the user to have access to the data. A third benefit is cost savings. With cloud data storage, users no longer have to buy and maintain their own devices. It's the CSP's responsibility to have the infrastructure to host and maintain the data. They also provide high levels of uptime so that the data is available whenever the user needs it. Because users no longer pay upfront costs, the overall cost of the data storage goes down, too. Plus, users only pay for storage resources they use. And because of the ability to scale, it's not necessary to pre- buy storage in case a company suddenly needs more storage capacity than expected. Cloud data storage also offers important security controls to check user authentication, access control, and data encryption. The scalable, redundant, cost-effective, and secure aspects of cloud data storage provide a more seamless experience when managing data. This has become a key solution for companies of all kinds. It's helpful for small businesses or entrepreneurs who might not have the resources to handle vast amounts of data. And of course, larger companies also leverage the cloud's ability to store and move massive amounts of data quickly and securely. Understanding cloud data storage is an essential foundation for your data security career. It offers a number of business benefits and your knowhow will help any employer make informed decisions about how to put cloud storage to excellent use. Deciding where to store something has everything to do with what's being stored. Here's an example. Let's say you just made some iced tea. You'd most likely put it inside a liquid container with a tight fitting lid, not a flimsy paper takeout box. Or let's say you went to the store and bought a 12-pack of paper towels. You wouldn't keep them all on your kitchen counter. You'd probably put one roll in a dispenser, then store the rest in your pantry until you need them, right? There are lots of different ways to store and use data in the cloud. And just like the liquid iced tea and the bulky paper towels, there are many storage options available in the cloud. Let's cover the different types of data being stored. This is important to understand because each storage type contains a specific data type. First up is structured data which is data organized in a certain format like rows and columns. It's taken from its native form and transformed into a predefined format. A predefined format means that all submitted data are categorized into specific fields. The data is then stored in a database meant for storing structured data. This makes structured data easy to search. Examples of structured data include names, addresses, credit card numbers, and dates. Next, unstructured data is data that is not organized in any easily identifiable way. It's stored in its native form and appears in a variety of formats, including images, videos, and documents. These formats aren't structured at all. For example, think of a doc file. It can contain text, images, or even embedded photos and videos. These data types are unstructured because they can't fit in the tables and rows of a database like with structured data. Luckily, there are specific types of storage to accommodate all types of data. Let's take a rundown of the three main storage types: file, object, and block. To start, let's examine file storage. File storage uses a hierarchy of files in folders. It keeps data in one place and organizes it in a simple, easy to understand way. File storage is ideal for smaller volumes of data that a few people might need access to like files on a family computer. Each file starts at the home directory. Then users can navigate to what they need by following a logical path. File storage is the oldest and most widely used data storage system. But it has some limitations and can only handle so much. File storage is also commonly used in data repositories. Developers rely on repositories as a centralized place to store, download, and share data. All right, let's move on to object storage. Object storage holds unstructured data in something called a bucket. A bucket is a virtual container that holds objects. Each bucket is assigned a unique name. These buckets can be public, meaning that anyone can access the objects inside, or private, so only certain people have access. Using buckets is a great way to organize large amounts of unstructured data. When storing data in block storage format on the cloud, data is split into smaller blocks, each stored in different locations to maximize efficiency. Each block is given a unique ID and when users ask to retrieve their data, the smaller blocks are connected together again based on these IDs. Block storage is flexible and efficient as it can be accessed by any operating system and any virtual machine system. Great work learning all about data types and storage options. With this information, you now know how to use the cloud to properly store data. This brings you one step closer to protecting information in the cloud. Bye for now. Congratulations on completing the first section in your introduction to cloud computing. In this section, you learned some essential cloud computing concepts, which you'll build on throughout your journey to becoming a cloud security professional. You started with an introduction to cloud infrastructure. This included understanding its distinctions from on premises methods and key considerations of moving to the cloud. Then you explored what the cloud is made up of by learning the components of cloud computing. Next, you learned about containers in the cloud. You also explored several advantages that containers bring to organizations. This section wrapped up by discussing the different storage options that are available on the cloud, including file, block, and object. Thanks so much for being here with me, and keep up the amazing work. Hey there. Ready to explore security principles in the cloud? There's so many exciting things in store and I can't wait to go on this journey with you. Together, we'll examine the different layers of security and explore how each layer applies to the cloud. We'll also go over different security measures used in cloud environments. First, we'll explore security controls used in cloud computing. Then, we'll discuss how the defense in-depth approach applies to securing cloud resources. Next, we'll go over security responsibilities you'll share with cloud service providers, CSPs. You'll also learn about the shared responsibility and shared fate models, and the considerations of sharing security with a CSP. Then you'll build on shared responsibility concepts by learning about different cloud service models. You'll also review how infrastructure platform and software as a service offer varying degrees of security responsibilities. After that, you'll examine how identity and access management helps you maintain control over your resources. You'll also be introduced to the principle of lease privilege and separation of duties in identity and access management. Finally, we'll discuss networking in the cloud. This includes softwaredefined networking, virtual private clouds, and load balancing. You're about to learn some really cool ways to secure cloud environments using security principles. I'm excited to go on this adventure with you. When you're ready, let's get started. Just like you might help someone you care about cross a busy street, in the world of cyber security, different strategies are used to protect data and assets, especially sensitive ones. The more valuable an asset is, the more advanced the security protecting it should be. Today you'll learn about a strategy that's used to protect critical assets, the defense in-depth model. Using this model can help protect cloud resources. It can also improve an organization's ability to manage its defense of assets and data, which is an organization's security posture. Defense and depth is a layered approach to vulnerability management that reduces risk. Defense Inepth uses multiple security controls to protect assets. Let's learn about some of the cloud security controls that can improve your defenses. As a cloud security analyst, there are several security controls you'll encounter in your day-to-day tasks. Security controls are safeguards that reduce security risks. Common types of controls used in the cloud include identity, protective, network, detective, responsive, and recovery. The first type of control we'll cover are identity controls. And identity control is a measure that helps authenticate a user before they access resources like networks or storage. Identity controls are becoming a lot more common, so it's possible you've encountered them before. One of the most common examples of an identity control is when your email provider asks you to add another email or phone number to verify your identity. This is an example of an identity control known as multifactor authentication, which adds an additional layer of security to the authentication process. Another type of security control is protective controls. A protective control is a measure that protects access to resources and shields against malicious attacks. Other examples of protective controls are installing anti virus software on individual VMs, web application firewalls, and organization and infrastructure as code policies. A network control, like a firewall, is a measure that helps protect access through network paths. Next, a detective control is a measure used to identify suspicious activity if it occurs. An example of a detective control is an intrusion detection system that monitors system activity and alerts analysts if there's a possible intruder. Google Cloud's security command center is an example of an intrusion detection system that can alert cloud security professionals of malicious activity. A responsive control is an application or tool that uses automation to respond to security events. For example, responsive controls could automatically notify you through email or other systems in response to a detected threat. Finally, after detecting and responding to threats, analysts use recovery controls. A recovery control is a measure that restores access and functionality in the event of failures. The most common example of a recovery control is where you can revert to a backup of a system you stored after an attack. The combination of these controls create a more robust defense strategy for your organization. Think of the controls working together like a security system for a community garden. Got to keep those prize-winning tomatoes safe. Identity controls determine who is able to access the garden. And installing a fence around the garden's perimeter acts as a protective control. You protect access to the garden by only giving authorized people a key to the gate. Like using network controls. Using a detective control, you install a camera to monitor suspicious activity. Then, if there's suspicious activity, you'll use a responsive control to receive an automatic text message. Last, using a recovery control, you can reestablish the security of the garden by mending any failures in the fence. Now that you're familiar with the different layers to secure assets, you can combine them to create a defense in-depth security strategy. By adding security controls in each layer, you can increase the overall security of your cloud resources, making this an effective strategy to reduce your vulnerabilities. The cloud offers many capabilities for securing resources. This gives security professionals the exciting opportunity to protect assets in a variety of ways. In this video, you'll learn about the shared responsibility model and how customers and cloud service providers or CSPs work together to protect the cloud and a business's assets. A customer is an organization or user who pays a cloud service provider to host and run their cloud resources. Before diving deeper into shared responsibility, let's examine the difference between onremise and cloud responsibilities. In a traditional on premises model, a business owns their own data center and servers. The business is responsible for securing their services against threats. However, if that business decides to use a CSP to run or store their resources in the cloud, then the CSP takes responsibility for some of the security of those assets. The amount of CSP involvement depends on several factors. Let's explore these responsibilities further. The shared responsibility model is the implicit and explicit agreement between the customer and the cloud service provider or CSP regarding the shared accountability for security controls. In the shared responsibility model, the CSP is like a gymnasium. The gym provides the building and equipment and ensures the equipment works properly. The customer is responsible for using the equipment safely and maintaining their own personal fitness goals. Before the customer starts using the gym, they sign a contract where they agree to use the equipment appropriately. Shared responsibility works in a similar way where the customer and CSP agree on who is responsible for securing what resources. One way to think about shared responsibility is considering security of the cloud versus security in the cloud. Here are some common CSP responsibilities. The CSP must maintain physical infrastructure like servers and data centers. Additionally, CSPs need to ensure network and resource availability. These responsibilities provide the security of the cloud. The customer is responsible for configuring their services to meet their specific security and compliance requirements. The customer is also responsible for securing their data. Organizations have to consider the security requirements of the people using their apps and resources. In these cases, the focus is to secure data in th
Original Description
Learn about cloud cybersecurity with this comprehensive course developed by Google Cloud. You'll analyze threats, build defenses, and complete a final mission that'll impress future employers. This hands-on curriculum will prepare you for the Google Cloud Cybersecurity Certificate.
Enhance your skills with hands-on labs on Google Cloud Skills Boost! Get started with the Beginner: Google Cloud Cybersecurity Certificate here:: https://goo.gle/4laKgri
⭐️ Contents ⭐️
⌨️ (0:00:00) Introduction to Data Analytics in Google Cloud
⌨️ (2:45:18) Data Management and Storage in the Cloud
⌨️ (5:14:21) Data Transformation in the Cloud
⌨️ (6:31:54) The Power of Storytelling: Visualizing Data in the Cloud
⌨️ (9:05:45) Put It All Together: Prepare for a Cloud Data Analyst Job
⌨️ (9:45:49) Prepare for a career in cloud with #GoogleCloudCertificates
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from freeCodeCamp.org · freeCodeCamp.org · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
React: Production Server Setup Part 2 - Live Coding with Jesse
freeCodeCamp.org
cookies vs localStorage vs sessionStorage - Beau teaches JavaScript
freeCodeCamp.org
Browser history tutorial - Beau teaches JavaScript
freeCodeCamp.org
Graph Data Structure Intro (inc. adjacency list, adjacency matrix, incidence matrix)
freeCodeCamp.org
React: Parameterized Routing with Next.js - Live Coding with Jesse
freeCodeCamp.org
React: Dealing with jQuery Issues - Live Coding with Jesse
freeCodeCamp.org
setInterval and setTimeout: timing events - Beau teaches JavaScript
freeCodeCamp.org
Browser and Device Testing - Live Coding with Jesse
freeCodeCamp.org
Last Minute Updates - Live Coding with Jesse
freeCodeCamp.org
Post Launch Updates - Live Coding with Jesse
freeCodeCamp.org
React: Setting Up Google Analytics - Live Coding with Jesse
freeCodeCamp.org
React: Masonry Layout - Live Coding with Jesse
freeCodeCamp.org
Load Balancing Digital Ocean Droplets - Live Coding with Jesse
freeCodeCamp.org
try, catch, finally, throw - error handling in JavaScript
freeCodeCamp.org
Load Balancing: SSL Passthrough Setup - Live Coding with Jesse
freeCodeCamp.org
Graphs: breadth-first search - Beau teaches JavaScript
freeCodeCamp.org
React: Masonry Layout Part 2 - Live Coding with Jesse
freeCodeCamp.org
React: WordPress API Live Search - Live Coding with Jesse
freeCodeCamp.org
Creating WordPress Custom Post Types - Live Coding With Jesse
freeCodeCamp.org
Dates - Beau teaches JavaScript
freeCodeCamp.org
Miscellaneous Front End Updates - Live Coding with Jesse
freeCodeCamp.org
Merging a Pull Request from GitHub - Live Coding with Jesse
freeCodeCamp.org
React + Prettier + Standard JS - Live Coding with Jesse
freeCodeCamp.org
React: Sortable Responsive Table - Live Coding with Jesse
freeCodeCamp.org
Geolocation Sorting by Distance - Live Coding with Jesse
freeCodeCamp.org
Tradeoff Matrix - Agile Software Development
freeCodeCamp.org
The Definition of Ready - Agile Software Development
freeCodeCamp.org
Getting first React job without experience - Ask Preethi
freeCodeCamp.org
React: Google Analytics Click Tracking - Live Coding with Jesse
freeCodeCamp.org
Submitting a PR to an Open Source Project - Live Coding with Jesse
freeCodeCamp.org
Should I go back to school to get CS degree? - Ask Preethi
freeCodeCamp.org
Hero Section CSS Changes - Live Coding with Jesse
freeCodeCamp.org
Working Agreement - Agile Software Development
freeCodeCamp.org
A day at Pennybox with Co-Founder Reji Eapen
freeCodeCamp.org
React: Sorting and Filtering Data - Live Coding with Jesse
freeCodeCamp.org
React: Sorting and Filtering Data Part 2 - Live Coding with Jesse
freeCodeCamp.org
React: Building a New UI - Live Coding with Jesse
freeCodeCamp.org
Definition of Done - Agile Software Development
freeCodeCamp.org
Getting started with jQuery (tutorial) - Beau teaches JavaScript
freeCodeCamp.org
Making a React Blog with WordPress Content - Live Coding with Jesse
freeCodeCamp.org
React, NextJS, CSS - Live Coding with Jesse
freeCodeCamp.org
jQuery events - Beau teaches JavaScript
freeCodeCamp.org
React/NextJS Routing and WordPress API Custom Types - Live Coding with Jesse
freeCodeCamp.org
React: Working with API Data - Live Coding with Jesse
freeCodeCamp.org
React: Refactoring Components - Live Streaming with Jesse
freeCodeCamp.org
jQuery effects - Beau teaches JavaScript
freeCodeCamp.org
More React Refactoring - Live Coding with Jesse
freeCodeCamp.org
animate in jQuery - Beau teaches JavaScript
freeCodeCamp.org
"Finishing" My React Site - Live Coding with Jesse
freeCodeCamp.org
Starting a New React Project (P2D1) - Live Coding with Jesse
freeCodeCamp.org
React Project 2 Day 2: Learning Material UI - Live Coding with Jesse
freeCodeCamp.org
The Agile Manifesto - Agile Software Development
freeCodeCamp.org
jQuery: get and set with http, text, val, and attr - Beau teaches JavaScript
freeCodeCamp.org
React Project 2 Day 3 - Live Coding with Jesse
freeCodeCamp.org
The INVEST approach to product backlog items
freeCodeCamp.org
React Project 2 Day 4 - Live Coding with Jesse
freeCodeCamp.org
Chickens and Pigs - Agile Software Development
freeCodeCamp.org
React Project 2 Day 5 - Live Coding with Jesse
freeCodeCamp.org
jQuery: add and remove DOM elements - Beau teaches JavaScript
freeCodeCamp.org
React Project 2 Day 6 - Live Coding with Jesse
freeCodeCamp.org
More on: AI Security
View skill →Related Reads
📰
📰
📰
📰
The Silent Killer in Your Node.js APIs: Mass Assignment & How to Catch It Before Production
Medium · AI
The Silent Killer in Your Node.js APIs: Mass Assignment & How to Catch It Before Production
Medium · Cybersecurity
Australian Cyber Security Centre Issues Alert on Mass Exploitation of CMS Vulnerabilities
Dev.to · NetSecOpsIO
Malicious 'jscrambler' NPM Package Versions Deploy Cross-Platform Infostealer in Sophisticated Supply Chain Attack
Dev.to · NetSecOpsIO
🎓
Tutor Explanation
DeepCamp AI