Module 1: Foundations of Google Cloud Security

• Introduction to the Google Cloud Operations Suite.
• Explain the shared responsibility model for security.
• Identify regulatory compliance commitments and threat mitigations offered by Google Cloud.

Module 2: Securing Access to Google Cloud

• Explore Cloud Identity for managing users and permissions.
• Configure secure synchronization between on-premises directories and the cloud using Google Cloud Directory Sync.
• Apply best practices for managing groups, domains, and administrators.

Module 3: Identity and Access Management (IAM)

• Organize resources using predefined and custom IAM roles.
• Define and implement IAM policies.
• Manage access control and enforce organization-level policies.

Module 4: Configuring VPCs for Isolation and Security

• Configure VPC networks, including firewalls and service controls.
• Deploy Cloud IDS and analyze threat details.
• Enable VPC Flow Logging and use Cloud Logging for insights.
• Secure projects with SSL policies and load balancers.

Module 5: Securing Compute Engine

• Create and manage service accounts for VMs.
• Define and apply IAM roles and scopes for instances.
• Implement organization policies to secure Compute Engine resources.

Module 6: Securing Cloud Data

• Use Cloud KMS and Cloud HSM for encryption key management.
• Encrypt and attach disks to instances securely.
• Configure BigQuery authorized views and storage best practices.

Module 7: Securing Applications

• Identify and mitigate application vulnerabilities with Web Security Scanner.
• Protect applications with BeyondCorp Enterprise.
• Secure credentials using Secret Manager.
• Address threats such as OAuth phishing and identity attacks.

Module 8: Securing Google Kubernetes Engine (GKE)

• Differentiate between Kubernetes and Google service accounts.
• Apply best practices for securing GKE clusters.
• Configure logging and monitoring options for GKE environments.

Module 9: Protecting Against DDoS Attacks

• Understand the four layers of DDoS mitigation.
• Implement IP blocklists and restrict access using Google Cloud Armor.
• Secure HTTP load balancers against malicious traffic.

Module 10: Addressing Content-Related Vulnerabilities

• Discuss threats like ransomware and privacy violations.
• Use the Cloud DLP API to classify, scan, and redact sensitive data.
• Apply mitigation strategies for content misuse and data breaches.

Module 11: Monitoring, Logging, Auditing, and Scanning

• Leverage the Security Command Center for centralized management.
• Use Cloud Monitoring, Logging, and Audit Logs for real-time security oversight.
• Automate security processes across Google Cloud environments.