Security in the Google Cloud Platform

• Understanding the Google approach to security
• Managing administrative identities using Cloud Identity.
• Implementing least privilege administrative access using Google Cloud Resource Manager, Cloud IAM.
• Implementing IP traffic controls using VPC firewalls and Cloud Armor
• Implementing Identity Aware Proxy
• Analyzing changes to the configuration or metadata of resources with GCP audit logs
• Scanning for and redact sensitive data with the Data Loss Prevention API
• Scanning a GCP deployment with Forseti
• Remediating important types of vulnerabilities, especially in public access to data and VMs

In addition to the following classes, Students should possess Knowledge of foundational concepts in information security:

• Fundamental concepts including vulnerability, threat, attack surface, confidentiality, integrity, availability

• Common threat types and their mitigation strategies
• Public-key cryptography
• Public and private key pairs
• Certificate authorities
• Transport Layer Security/Secure Sockets Layer encrypted communication
• Public key infrastructures
• Security policy
• Basic proficiency with command-line tools and Linux operating system environments 
• Systems Operations experience, including deploying and managing applications, either on-premises or in a public cloud environment
• Reading comprehension of code in Python or JavaScript