The Ultimate Multicloud Infrastructure Masterclass

Course Outline

Amazon Web Services

Amazon VPC

  • VPC introduction
  • VPC benefits & features
  • Key concepts (VPCs, subnets, subnets sizing, security)
  • VPC endpoints
  • VPC peering

Elastic Compute Cloud (EC2)

  • EC2 introduction
  • EC2 benefits & features
  • EC2 instances and its types
  • AMI – Amazon machine image
  • Amazon EBS
  • EC2 pricing

Amazon ELB

  • ELB introduction
  • ELB features and its types
  • Application loadbalancer

Simple Storage Service (S3)

  • S3 introduction
  • S3 basics
  • S3 features

Amazon RDS

  • RDS introduction
  • RDS products & features
  • Amazon Aurora

Google Professional Cloud Network Engineer

Domain 1: Designing and planning a Google Cloud network

  • 1.1 Designing an overall network architecture.
  • 1.2 Designing Virtual Private Cloud (VPC) networks.
  • 1.3 Designing a resilient and performant hybrid and multi-cloud network.
  • 1.4 Designing an IP addressing plan for Google Kubernetes Engine (GKE).

Domain 2: Implementing Virtual Private Cloud (VPC) networks

  • 2.1 Configuring VPCs.
  • 2.2 Configuring VPC routing.
  • 2.3 Configuring Network Connectivity Center.
  • 2.4 Configuring and maintaining Google Kubernetes Engine clusters.
  • 2.5 Configuring and managing Cloud Next Generation Firewall (NGFW) rules.

Domain 3: Configuring managed network services

  • 3.1 Configuring load balancing.
  • 3.2 Configuring Google Cloud Armor policies.
  • 3.3 Configuring Cloud CDN.
  • 3.4 Configuring and maintaining Cloud DNS.
  • 3.5 Configuring and securing internet egress traffic.
  • 3.6 Configuring network packet inspection.

Domain 4: Implementing hybrid network interconnectivity

  • 4.1 Configuring Cloud Interconnect.
  • 4.2 Configuring a site-to-site IPSec VPN.
  • 4.3 Configuring Cloud Router.
  • 4.4 Configuring Network Connectivity Center.

Domain 5: Managing, monitoring, and troubleshooting network operations

  • 5.1 Logging and monitoring with Google Cloud Observability.
  • 5.2 Maintaining and troubleshooting connectivity issues.
  • 5.3 Using Network Intelligence Center to monitor and troubleshoot common networking issues.

AWS Certified-Security Specialty

Domain 1: Threat Detection and Incident Response

  • Task Statement 1.1: Design and implement an incident response plan
  • Task Statement 1.2: Detect security threats and anomalies by using AWS services
  • Task Statement 1.3: Respond to compromised resources and workloads

Domain 2: Security Logging and Monitoring

  • Task Statement 2.1: Design and implement monitoring and alerting to address security events
  • Task Statement 2.2: Troubleshoot security monitoring and alerting
  • Task Statement 2.3: Design and implement a logging solution
  • Task Statement 2.4: Troubleshoot logging solutions
  • Task Statement 2.5: Design a log analysis solution

Domain 3: Infrastructure Security

  • Task Statement 3.1: Design and implement security controls for edge services
  • Task Statement 3.2: Design and implement network security controls
  • Task Statement 3.3: Design and implement security controls for compute workloads
  • Task Statement 3.4: Troubleshoot network security

Domain 4: Identity and Access Management

  • Task Statement 4.1: Design, implement, and troubleshoot authentication for AWS resources
  • Task Statement 4.2: Design, implement, and troubleshoot authorization for AWS resources

Domain 5: Data Protection

  • Task Statement 5.1: Design and implement controls that provide confidentiality and integrity for data in transit
  • Task Statement 5.2: Design and implement controls that provide confidentiality and integrity for data at rest
  • Task Statement 5.3: Design and implement controls to manage the lifecycle of data at rest
  • Task Statement 5.4: Design and implement controls to protect credentials, secrets, and cryptographic key materials

Domain 6: Management and Security Governance

  • Task Statement 6.1: Develop a strategy to centrally deploy and manage AWS accounts
  • Task Statement 6.2: Implement a secure and consistent deployment strategy for cloud resources
  • Task Statement 6.3: Evaluate the compliance of AWS resources
  • Task Statement 6.4: Identify security gaps through architectural reviews and cost analysis

Google Professional Cloud Security Engineer

Domain 1: Configuring access

  • 1.1 Managing Cloud Identity
  • 1.2 Managing service accounts
  • 1.3 Managing authentication
  • 1.4 Managing and implementing authorization controls
  • 1.5 Defining resource hierarchy

Domain 2: Securing communications and establishing boundary protection

  • 2.1 Designing and configuring perimeter security
  • 2.2 Configuring boundary segmentation
  • 2.3 Establishing private connectivity

Domain 3: Ensuring data protection

  • 3.1 Protecting sensitive data and preventing data loss
  • 3.2 Managing encryption at rest, in transit, and in use
  • 3.3 Planning for security and privacy in AI

Domain 4: Managing operations

  • 4.1 Automating infrastructure and application security
  • 4.2 Configuring logging, monitoring, and detection

Domain 5: Supporting compliance requirements

  • 5.1 Determining regulatory requirements for the cloud