In this Cloud Security Fundamentals course you will learn basic principles associated with securing the cloud and SaaS-based applications through Secure Access Service Edge architecture and identify concepts required to recognize and potentially mitigate attacks against traditional and hybrid datacenters as well as mission critical infrastructure. The course also demonstrates how to initially setup and configure containers on a docker bridge network and test the container security through the use of vulnerability scans and reports.

Learn how to monitor, troubleshoot, and improve your infrastructure and application performance. Guided by the principles of Site Reliability Engineering (SRE), this course features a combination of lectures, demos, hands-on labs, and real-world case studies. In this course, you'll gain experience with full-stack monitoring, real-time log management and analysis, debugging code in production, and profiling CPU and memory usage.

Welcome to AWS Fundamentals: Addressing Security Risk! This course will give you an overview of security best practices when developing and managing applications on AWS. The course, created by AWS experts and delivered by AWS Solutions Architects, uses video lectures, hands-on exercise guides, demonstrations, and quizzes to dive deep on concepts about security on AWS. You will learn about the concept of “least privilege” and the AWS Shared Responsibility Model, as well as view demonstrations of Amazon GuardDuty, AWS Secrets Manager, and cross-account access. We encourage IT professionals and leaders who are interested in learning about best practices for securing an AWS environment and applications developed on AWS to enroll in this course. Before taking this course, we recommend you complete AWS Fundamentals: Going Cloud Native (https://www.coursera.org/learn/aws-fundamentals-going-cloud-native). Class forums will also allow you to ask questions and interact with AWS training instructors.

Welcome to course 1 of 5 of this Specialization, Security Principles. After completing this course, the participant will be able to:  Discuss the foundational concepts of cybersecurity principles. - Recognize foundational security concepts of information assurance. - Define risk management terminology and summarize the process. - Relate risk management to personal or professional practices. - Classify types of security controls. - Distinguish between policies, procedures, standards, regulations and laws. - Demonstrate the relationship among governance elements. - Analyze appropriate outcomes according to the canons of the (ISC)2 Code of Ethics when given examples. - Practice the terminology and review security principles. Agenda Course Introduction Module 1: Information Assurance Module 2: Risk Management Process Module 3: Security Controls Module 4: Governance Module 5: (ISC)2 Code of Ethics Module 6: Course Summary This training is for IT professionals, career changers, college students, recent college graduates, advanced high school students and recent high school graduates looking to start their path toward cybersecurity leadership by taking the Certified in Cybersecurity entry-level exam. There are no prerequisites to take the training or the exam. It is recommended that candidates have basic Information Technology (IT) knowledge. No work experience in cybersecurity or formal education diploma/degree is required.

Data breaches occur nearly every day. From very large retailers, down to your fantasy football website, and anywhere in between, they have been compromised in some way. How did the attackers get in? What did they do with the data they compromised? What should I be concerned with in my own business or my systems? This course is the second course in the Practical Computer Security. It will discuss types of threats and attack vectors commonly seen in today’s environment. I hate to be the bearer of bad news, but threats are all over the place! This course isn’t designed to insight fear that there is no hope for keeping systems and business secure, but rather educate you on how attacks are carried out so that you have a better sense of what to look out for in your business or with your systems.

Risk Identification, Monitoring, and Analysis: In the Risk Identification, Monitoring, and Analysis session, you will learn how to identify, measure, and control losses associated with adverse events. You will review, analyze, select, and evaluate safeguards for mitigating risk.You will learn processes for collecting information, providing methods of identifying security events, assigning priority levels, taking the appropriate actions, and reporting the findings to the correct individuals. After collection of the details from monitoring, we can analyze to determine if the system is being operated in accordance with accepted industry practices, and in compliance with organization policies and procedures. Incident Response and Recovery: In the Incident Response and Recovery Session, you will gain an understanding of how to handle incidents using consistent, applied approaches in order to resolve. Once an incident is identified, action will be necessary in order to resolve. We will examine processes such as damage recovery, data integrity and preservation, and the collection, handling, reporting, and prevention. You will be introduced to the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts and how they can be utilized in order to mitigate damages, recover business operations, and avoid critical business interruption. Through the use of the DRP, you will understand the procedures for emergency response and post-disaster recovery. Course Objectives 1. Describe the risk management process 2. Perform security assessment activities 3. Describe processes for operating and maintaining monitoring systems 4. Identify events of interest 5. Describe the various source systems 6. Interpret reporting findings from monitoring results 7. Describe the incident handling process 8. Contribute to the incident handling process based upon role within the organization 9. Describe the supporting role in forensics investigation processes 10. Describe the supporting role in the business continuity planning process 11. Describe the supporting role in the disaster recovery planning process

This is a self-paced lab that takes place in the Google Cloud console. In this lab, you modify an API to require OAuth tokens for access. You use the SpikeArrest policy to limit the rate of API calls by application, and you use private variables and data masking to hide sensitive data from users who debug API traffic.

Course 6: Cloud and Wireless Security Welcome to course six. This course applies to security concepts, ideas, and considerations to two major changes that we have experienced in recent years. It's regarding the way we use the data. First, we use our data on the go. In other words, data services are provided to our mobile phones, Wi-Fi, and other devices. Second, many enhanced functions are implemented through services hosted in the cloud platform, where our data is stored or processed. Both transformations are complex topics. However, as a security practitioner, we can narrow these two topics by applying the security fundamentals to secure the data. This boils down to the three basics of protecting data at rest, in motion, and in use. The data is either on the endpoint devices, servers, or other endpoints, making these services a reality. Course 6 Learning Objectives After completing this course, the participant will be able to:  L6.1 - Recall cloud security concepts and configurations. L6.2 - Recognize types of virtualization and cloud security considerations. L6.3 - Summarize the types of telecommunications and network access controls. Course Agenda Module 1: Operate and Configure Cloud Security (Domain 7 - Systems and Application Security) Module 2: Cloud Security Considerations (Domain 6 - Network and Communications Security) Module 3: Secure Wireless Configurations (Domain 6 - Network and Communications Security) Who Should Take This Course: Beginners Experience Required: No prior experience required

Ethical Hacking Essentials is an introductory cybersecurity course that covers ethical hacking and penetration testing fundamentals and prepares learners for a career in cybersecurity. This course will introduce learners to computer and network security concepts such as threats and vulnerabilities, password cracking, web application attacks, IoT and OT attacks, cloud computing, pentesting fundamentals, and more. This course provides hands-on practical experience to learners thus giving them the skills necessary for a future in cybersecurity. EHE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. This improves their prospects for employment advancement, higher salaries, and greater job satisfaction.

This is a self-paced lab that takes place in the Google Cloud console. After provisioning two service accounts to represent user personas and three namespaces for dev, test, and prod, you will test the access controls of the personals in each namespace.