Google Professional Cloud Security Engineer Exam Guide

Instructor

Categories

Cloud Engineering, Infrastructure & Security

Keamanan di lingkungan cloud menjadi aspek krusial bagi perusahaan yang mengadopsi teknologi Google Cloud Platform (GCP). Banyak organisasi menghadapi tantangan dalam mengelola identitas dan akses, melindungi data sensitif, mengamankan jaringan cloud, serta mendeteksi dan merespons ancaman keamanan. Tanpa pemahaman yang baik mengenai praktik keamanan cloud, perusahaan dapat menghadapi risiko seperti kebocoran data, serangan siber, serta kegagalan dalam memenuhi kepatuhan terhadap regulasi industri.

Course Google Professional Cloud Security Engineer Exam Guide ini dirancang untuk membekali peserta dengan keterampilan dan wawasan mendalam mengenai strategi keamanan dalam Google Cloud, serta membantu mereka mempersiapkan diri untuk ujian sertifikasi Google Professional Cloud Security Engineer. Peserta akan mempelajari cara mengelola identitas dan akses menggunakan IAM, mengamankan sumber daya cloud, serta memahami keamanan jaringan, enkripsi data, dan pemantauan keamanan. Selain itu, peserta juga akan mendapatkan pemahaman tentang praktik terbaik dalam menerapkan kebijakan keamanan, logging, dan respons insiden di lingkungan GCP.

Dengan kombinasi materi berbasis praktik dan studi kasus, course ini akan memberikan pemahaman menyeluruh tentang bagaimana menerapkan keamanan cloud yang kuat, meningkatkan kesadaran terhadap risiko, serta membangun infrastruktur cloud yang aman dan sesuai dengan standar industri.

OBJECTIVES

1. Memahami konsep keamanan cloud dan bagaimana menerapkannya di Google Cloud Platform (GCP)
2. Meningkatkan keterampilan dalam manajemen identitas dan akses (IAM) untuk memastikan hanya pengguna yang berwenang yang dapat mengakses sumber daya cloud
3. Memahami strategi pemantauan, logging, dan respons insiden untuk mendeteksi dan mengatasi ancaman keamanan secara proaktif
4. Mampu mengamankan komputasi, penyimpanan, dan jaringan dengan menerapkan kontrol keamanan dan kebijakan enkripsi

AUDIENCE

1. Cloud Security Engineer
2. Cybersecurity Analyst
3. Google Cloud Administrator
4. DevOps Engineer
5. IT Security Specialist

CONTENT

1. Google Cloud Security Concepts

1.1 Overview of Google Cloud Security
1.2 Shared Security Responsibility
1.3 Security by Design
1.4 Threat and Vulnerability Management

2. Trust and Compliance

2.1 Establishing and Maintaining Trust
2.2 Access Transparency and Access Approval
2.3 Security and Privacy of Data
2.4 Third-Party Risk Assessments

3. Resource Management

3.1 Overview of Google Cloud Resource Manager
3.2 Understanding Resource Hierarchy
3.3 Applying Constraints Using the Organization Policy Service
3.4 Asset Management Using Cloud Asset Inventory
3.5 Best Practices and Design Considerations

4. Understanding Google Cloud Security

4.1 Overview of Cloud Security
4.2 Securing Account
4.3 Directory Management

5. Google Cloud Identity and Access Management

5.1 Overview of IAM
5.2 Service Accounts
5.3 IAM Policy Bindings
5.4 Tag-Based Access Control
5.5 Cloud Storage ACLs
5.6 IAM APIs
5.7 IAM Logging

6. Virtual Private Cloud

6.1 Overview of VPC
6.2 Google Cloud Regions and Zones
6.3 VPC Deployment Models
6.4 Micro-Segmentation
6.5 Cloud DNS
6.6 Load Balancers
6.7 Hybrid Connectivity Options
6.8 Best Practices and Design Considerations

7. Advanced Network Security

7.1 Private Google Access
7.2 Identity-Aware Proxy
7.3 Cloud NAT
7.4 Google Cloud Armor

8. Google Cloud Key Management Service

8.1 Overview of Cloud KMS
8.2 Encryption and Key Management in Cloud KMS
8.3 Key Management Options
8.4 Symmetric Key Encryption
8.5 Asymmetric Key Encryption
8.6 Import a Key (BYOK)
8.7 Key Lifecycle Management
8.8. Key IAM Permissions
8.9 Cloud HSM
8.10 Cloud EKM
8.11 Cloud KMS Best Practices
8.11 Cloud KMS API
8.12 Cloud KMS Logging

9. Cloud Data Loss Prevention

9.1 Overview of Cloud DLP
9.2 DLP Architecture Options
9.3 Cloud DLP Terminology
9.4 Creating a Cloud DLP Inspection Template
9.5 Best Practices for Inspecting Sensitive Data
9.6 Inspecting and De-Identifying PII Data
9.7 How to De-Identify and Tokenize Sensitive Data
9.8 DLP use Case
9.9 Best Practices for Cloud DLP
9.10 Data Exfiltration and VPC Service Controls
9.11 Best Practices for VPC Service Controls

10. Secret Manager

10.1 Overview of Secret Manager
10.2 Managing Secrets and Versions
10.3 Accessing a Secret
10.4 Secret Replication Policy
10.5 CMEKs for Secret Manager
10.6 Best Practices for Secret Management
10.7 Secret Manager Logs

11. Cloud Logging

11.1 Introduction to Google Cloud Logging
11.2 Log Categories
11.3 Log Management
11.4 Logging and Auditing Best Practices

12. Image Hardening and CI/CD Security

12.1 Overview of Image Management
12.2 Image Management Pipeline
12.3 Controlling Access to the Images
12.4 Image Lifecycle
12.5 Enforcing Lifecyle Policies
12.6 Securing a Ci/CD Pipeline
12.7 Best Practices for CI/CD Security
12.8 Shielded VMs
12.9 Confidential Computing

13. Security Command Center

13.1 Overview of SCC
13.2 Core Services
13.3 Cloud Asset Inventory
13.4 Detecting Security Misconfigurations and Vulnerabilities
13.5 Threat Detection
13.6 Continuous Compliance Monitoring
13.7 Automating a Findings Response

14. Container Security

14.1 Overview of Containers
14.2 Container Basics
14.3 What is Kubernetes
14.4 Container Security
14.5 GKE Security Features
14.6 Container Security Best Practices

Course Features

Lectures 70
Quizzes 2
Duration 40 hours
Skill level All levels
Language Indonesia
Students 0
Certificate No
Assessments Yes

Request Quotation

20 Sections
70 Lessons
40 Hours

Expand all sectionsCollapse all sections

PERSIAPAN
2
- 1.1
  Pre-Test
  0 Questions
- 1.2
  Download Bundle Materi
1. OVERVIEW OF GOOGLE CLOUD PLATFORM
2
- 2.1
  1.1 Types of Cloud Services
- 2.2
  1.2 Cloud Computing vs. Data Center Computing
2. GOOGLE CLOUD COMPUTING SERVICES
4
- 3.1
  2.1 Computing Components of Google Cloud Platform
- 3.2
  2.2 Storage Components of Google Cloud Platform
- 3.3
  2.3 Networking Components of Google Cloud Platform
- 3.4
  2.4 Additional Components of Google Cloud Platform
3. PROJECTS, SERVICE ACCOUNTS, AND BILLING
6
- 4.1
  3.1 How GCP Organizes Projects and Accounts
- 4.2
  3.2 Roles and Identities
- 4.3
  3.3 Service Accounts
- 4.4
  3.4 Billing
- 4.5
  3.5 Enabling APIs
- 4.6
  3.6 Provisioning Stackdriver Workspaces
4. INTRODUCTION TO COMPUTING IN GOOGLE CLOUD
4
- 5.1
  4.1 Compute Engine
- 5.2
  4.2 App Engine
- 5.3
  4.3 Kubernetes Engine
- 5.4
  4.4 Cloud Functions
5. COMPUTING WITH COMPUTE ENGINE VIRTUAL MACHINES
4
- 6.1
  5.1 Creating and Configuring Virtual Machines with the Console
- 6.2
  5.2 Creating and Configuring Virtual Machines with Cloud SDK
- 6.3
  5.3 Basic Virtual Machine Management
- 6.4
  5.4 Guidelines for Planning, Deploying, and Managing Virtual
6. MANAGING VIRTUAL MACHINES
3
- 7.1
  6.1 Managing Single Virtual Machine Instanc
- 7.2
  6.2 Introduction to Instance Groups
- 7.3
  6.3 Guidelines for Managing Virtual Machines
7. COMPUTING WITH KUBERNETES
4
- 8.1
  7.1 Introduction to Kubernetes Engine
- 8.2
  7.2 Deploying Kubernetes Clusters
- 8.3
  7.3 Deploying Application Pods
- 8.4
  7.4 Monitoring Kubernetes
8. MANAGING KUBERNETES CLUSTERS
5
- 9.1
  8.1 Viewing the Status of a Kubernetes Cluster
- 9.2
  8.2 Adding, Modifying, and Removing Nodes
- 9.3
  8.3 Adding, Modifying, and Removing Pods
- 9.4
  8.4 Adding, Modifying, and Removing Services
- 9.5
  8.5 Viewing the Image Repository and Image Details
9. COMPUTING WITH APP ENGINE
4
- 10.1
  9.1 App Engine Components
- 10.2
  9.2 Deploying an App Engine Application
- 10.3
  9.3 Scaling App Engine Applications
- 10.4
  9.4 Splitting Traffic between App Engine Versions
10. COMPUTING WITH CLOUD FUNCTIONS
3
- 11.1
  10.1 Introduction to Cloud Functions
- 11.2
  10.2 Cloud Functions Receiving Events from Cloud Storage
- 11.3
  10.3 Cloud Functions Receiving Events from Pub/Sub
11. PLANNING STORAGE IN THE CLOUD
3
- 12.1
  11.1 Types of Storage Systems
- 12.2
  11.2 Storage Data Models
- 12.3
  11.3 Choosing a Storage Solution: Guidelines to Consider
12. DEPLOYING STORAGE IN GOOGLE CLOUD PLATFORM
8
- 13.1
  12.1 Deploying and Managing Cloud SQL
- 13.2
  12.2 Deploying and Managing Datastore
- 13.3
  12.3 Deploying and Managing BigQuery
- 13.4
  12.4 Deploying and Managing Cloud Spanner
- 13.5
  12.5 Deploying and Managing Cloud Pub/Sub
- 13.6
  12.6 Deploying and Managing Cloud Bigtable
- 13.7
  12.7 Deploying and Managing Cloud Dataproc
- 13.8
  12.8 Managing Cloud Storage
13. LOADING DATA INTO STORAGE
3
- 14.1
  13.1 Loading and Moving Data to Cloud Storage
- 14.2
  13.2 Importing and Exporting Data
- 14.3
  13.3 Streaming Data to Cloud Pub/Sub
14. NETWORKING IN THE CLOUD: VIRTUAL PRIVATE CLOUDS AND VIRTUAL PRIVATE NETWORKS
4
- 15.1
  14.1 Creating a Virtual Private Cloud with Subnets
- 15.2
  14.2 Deploying Compute Engine with a Custom Network
- 15.3
  14.3 Creating Firewall Rules for a Virtual Private Clo
- 15.4
  14.4 Creating a Virtual Private Network
15. NETWORKING IN THE CLOUD: DNS, LOAD BALANCING, AND IP ADDRESSING
3
- 16.1
  15.1 Configuring Cloud DNS
- 16.2
  15.2 Configuring Load Balancer
- 16.3
  15.3 Managing IP Addresses
16. DEPLOYING APPLICATIONS WITH CLOUD LAUNCHER AND DEPLOYMENT MANAGER
2
- 17.1
  16.1 Deploying a Solution Using Cloud Launcher
- 17.2
  16.2 Deploying an Application Using Deployment Manager
17. CONFIGURING ACCESS AND SECURITY
2
- 18.1
  17.1 Managing Identity and Access Management
- 18.2
  17.2 Managing Service Accounts
18. MONITORING, LOGGING, AND COST ESTIMATING
4
- 19.1
  18.1 Monitoring with Stackdriver
- 19.2
  18.2 Logging with Stackdriver
- 19.3
  18.3 Using Cloud Diagnostics
- 19.4
  18.4 Using the Pricing Calculator
PENUTUPAN
2
- 20.1
  Post- Test
  0 Questions
- 20.2
  Kuesioner

Karno Nur Cahyo, M.Kom.

Direktur Software Engineering (Chief Software Engineering Officer) Braindevs. Lahir di Tangerang, 4 Juni 1997. Menyelesaikan pendidikan dasar dan menengah di SDN 4 Kaliwungu dan SMPN 1 Kaliwungu, Kabupaten Semarang. Menamatkan SMK di SMKN 2 Salatiga pada tahun 2015. Menamatkan pendidikan S1 Teknik Informatika (S.Kom.) di Universitas Nusa Mandiri Jakarta pada tahun 2019. Serta menamatkan pendidikan S2 Ilmu Komputer (M.Kom.) di Universitas Nusa Mandiri Jakarta pada tahun 2022.

Memiliki sertifikasi industri di bidang Enterprise Architecture (TOGAF foundation dari Open Group), Software Engineering (Professional Scrum Master (PSM) dari Scrum.Org), Software Testing (ISTQB Certified Tester Foundation Level dan ISTQB Certified Tester Advanced Level-Test Management dari iSQI), Database Management (PostgreSQL® Essentials v16 Certification dari EDB) dan IT Cybersecurity (Information Security Foundation Based on ISO 270001 dari Exin).

Berpengalaman dalam berbagai project di bidang Software Engineering (idSE) yang terdiri dari Systems Analysis & Design, Software Development & Governance, Software Maintenance, dan Software Quality Assurance. Selain itu berpengalaman di bidang Product Management (idPM) yang terdiri dari Software Planning & Feasibility Analysis, Software Effort Estimation, Project Management, dan Scrum Framework Implementation dan berpengalaman juga di bidang Business Process Management (idBPM) serta di bidang Enterprise Architecture (idEA).

Memiliki pengalaman mengerjakan project di bidang Software Engineering, Product Management, Business Process Management, dan Enterprise Architecture pada organisasi berikut:
– Kementerian/Lembaga: Agrinas Pangan Nusantara (Sistem Portal KDKMP), Mabes Polri (SIPP, SiSDM, E-KTA, BOS, SILOG, Sismutjab), BRIN (SIDANAU), PWP (Trademark Information Systems), KLH (Amdalnet), Kemnaker (Sisfo BNSP, E-SKKNI, E-BKK), BPK (Sistem Manajemen Layanan TI & E-Learning BPK), BPPT (Digital Library), Kementerian ATR/BPN (SmartLand), TNI AD, Lembaga Nasional Single Window, Kemenlu, Badan Penyelenggara Haji dan Ditjen Minerba Kementerian ESDM
– BUMN/Swasta: Astra Group (FIF), INALUM
– Universitas: Universitas Terbuka dan Universitas Pendidikan Indonesia

Dr. Eng. Ir. Suharyanto, S.T., M.Eng.

CISA Exam Guide

Kegagalan dalam tata kelola serta pengendalian Sistem dan Teknologi Informasi (STI) masih menjadi tantangan serius bagi banyak organisasi. Laporan industri menunjukkan bahwa lemahnya kontrol...

Students

119

students

Type	Cost	Start Date	Registered	Confirmed
Online	Rp6.900.000,-	2 November 2026	0	0
Offline	Rp7.900.000,-	2 November 2026	0	0
Private Offline	-	9 Mei 2026 PT Bank Oke Indonesia Tbk	9	9

Fandika Zainul Adian

Data Analytics Power BI Fundamentals

Tujuan utama organisasi dalam inisiatif analitik adalah mendorong pengambilan keputusan yang lebih tepat dan berbasis data (IDG, 2019). Namun, data yang tersedia di perusahaan...

Students

131

students

Type	Cost	Start Date	Registered	Confirmed
Online	Rp4.900.000	22 Juni 2026	0	0
Offline	Rp5.900.000	22 Juni 2026	0	0

BPMN Business Process Sparx Fundamentals

Romi Satria Wahono, M.Eng., Ph.D.

BPMN Business Process Sparx Fundamentals

Pertumbuhan organisasi sering kali menyebabkan proses bisnis menjadi semakin kompleks dan terpecah-pecah, di mana kegiatan antar unit kerja tidak terintegrasi sehingga sulit dipetakan dan...

Students

221

students

Type	Cost	Start Date	Registered	Confirmed
Online	Rp6.900.000,-	6 Juli 2026	0	0
Offline	Rp7.900.000,-	6 Juli 2026	1	1

Ariyanto Adi Nugroho, M.Kom.

ITSM Foundation Exam Guide

Kegagalan mengelola layanan teknologi informasi (TI) menyebabkan inefisiensi operasional, penurunan kualitas layanan, kepuasan pengguna yang rendah dan keberlangsungan bisnis terhambat (Axelos, 2022) (Kaiser, 2023)....

Students

students

Type	Cost	Start Date	Registered	Confirmed
Online	Rp6.900.000,-	13 Juli 2026	0	0
Offline	Rp7.900.000,-	13 Juli 2026	0	0

Romi Satria Wahono, M.Eng., Ph.D.

Systems Analysis & Design Fundamentals

Penyebab utama kegagalan software adalah ketidaksesuaian kebutuhan pengguna dengan software yang dikembangkan (Glass’ Law, 1998). Prinsip dasar software engineering ini selaras dengan definisi bahwa...

Students

474

students

Type	Cost	Start Date	Registered	Confirmed
Online	Rp6.900.000,-	20 Juli 2026	0	0
Offline	Rp7.900.000,-	20 Juli 2026	1	1

Cloud Engineering

Google Professional Cloud Security Engineer Exam Guide

Course Features

Related Courses

CISA Exam Guide

Data Analytics Power BI Fundamentals

BPMN Business Process Sparx Fundamentals

ITSM Foundation Exam Guide

Systems Analysis & Design Fundamentals

Brainmatics Curriculum Booklet (PDF)

Login with your site account

Register a new account

Modal title