When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Certificate?

When you enroll in the course, you get access to all of the courses in the Certificate, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Detect, Respond, and Recover from Cloud Cybersecurity Attacks

This course is part of Google Cloud Cybersecurity Professional Certificate

Instructor: Google Cloud Training

5,067 already enrolled

Included with

Learn more

4 modules

Gain insight into a topic and learn the fundamentals.

37 reviews

Beginner level

No prior experience required

Flexible schedule

2 weeks at 10 hours a week

Learn at your own pace

83%

Most learners liked this course

4 modules

Gain insight into a topic and learn the fundamentals.

37 reviews

Beginner level

No prior experience required

Flexible schedule

2 weeks at 10 hours a week

Learn at your own pace

83%

Most learners liked this course

What you'll learn

Analyze logging systems in a cloud environment.
Configure security monitoring systems to efficiently identify and mitigate threats to a cloud environment.
Define the lifecycle of a security incident and the process to identify, document, and prevent future incidents.
Explain the purpose of a Disaster Recovery Plan and how this affects data retention and recovery.

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

20 assignments

Taught in English

91%

of learners achieved a positive career outcome

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your Cloud Computing expertise

This course is part of the Google Cloud Cybersecurity Professional Certificate

When you enroll in this course, you'll also be enrolled in this Professional Certificate.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate from Google Cloud

There are 4 modules in this course

Wow, you’re already on the fourth course of the Google Cloud Cybersecurity Certificate. Sharpen your security senses as you learn about log retention policies, intrusion detection and prevention systems, and the intricacies of monitoring and alerts. Learn how to effectively manage and respond to security incidents through business continuity and disaster recovery. Happy learning!

Module details

Gear up for a deep dive into the heart of security operations! In this module, you’ll delve into crucial topics for detecting security activities, focusing on log retention policies, intrusion detection and prevention systems, and the intricacies of monitoring and alerts. You'll learn about incident management and attack mitigation strategies. And you’ll take a guided tour through logging fundamentals and monitoring best practices, equipping you with the knowledge to effectively manage and respond to security incidents.

What's included

15 videos12 readings5 assignments1 app item1 plugin

15 videosTotal 67 minutes

Introduction to course 43 minutes
Seline: Make an impact in cloud security1 minute
Welcome to module 11 minute
SecOps and its components5 minutes
Vulnerability management techniques6 minutes
Incident detection basics3 minutes
Phases of incident response and management8 minutes
Incident response plans8 minutes
Intrusion detection systems6 minutes
Signature and anomaly-based detection3 minutes
Logs for analysis and monitoring6 minutes
Log management: The skills needed for success7 minutes
Alerts and notifications5 minutes
Alert search techniques4 minutes
Wrap-up1 minute

12 readingsTotal 120 minutes

Course 4 overview10 minutes
Helpful resources and tips10 minutes
Lab technical tips10 minutes
Explore your course 4 scenario: Cymbal Bank10 minutes
Essential SecOps skills10 minutes
Vulnerability scanning, penetration testing, and tabletop exercises10 minutes
AI in SecOps: Red teams10 minutes
More about incident response phases10 minutes
Log types: A breakdown10 minutes
Alert and log optimization10 minutes
Guide to event threat detection10 minutes
Glossary terms from module 110 minutes

5 assignmentsTotal 82 minutes

Module 1 challenge50 minutes
Test your knowledge: Security operations foundations8 minutes
Test your knowledge: Incident management foundations8 minutes
Test your knowledge: Logging and log retention fundamentals8 minutes
Test your knowledge: Alerts, notifications, and log optimization8 minutes

1 app itemTotal 90 minutes

Determine the difference between normal activity and an incident90 minutes

1 pluginTotal 15 minutes

Accessing and completing labs15 minutes

Get ready to outsmart cyber adversaries! In this module, we'll dissect the attack playbook step by step, learning to spot those sneaky intrusion attempts before they wreak havoc. You’ll also learn how to create detection rules, expand your toolbelt with query tools to analyze logs, and identify indicators of compromise (IoC).

What's included

11 videos6 readings4 assignments1 app item

11 videosTotal 45 minutes

Welcome to module 21 minute
Introduction to Lockheed Martin’s Cyber Kill Chain®5 minutes
False positive analysis3 minutes
Introduction to security monitoring4 minutes
Tim: Analytical skills for detection and response3 minutes
Tools for proactive security monitoring4 minutes
Indicators of compromise (IOCS)5 minutes
Essentials of threat hunting6 minutes
Aggregations and correlations5 minutes
Introduction to query tools7 minutes
Wrap-up1 minute

6 readingsTotal 60 minutes

Lockheed Martin’s Cyber Kill Chain® in practice10 minutes
Guide to false positive analysis10 minutes
Security monitoring key concepts10 minutes
IOCs for threat detection10 minutes
Query tools: RegEx and YARA-L10 minutes
Glossary terms from module 210 minutes

4 assignmentsTotal 74 minutes

Module 2 challenge50 minutes
Test your knowledge: False positives and Lockheed Martin’s Cyber Kill Chain®8 minutes
Test your knowledge: Proactive security monitoring and alerting8 minutes
Test your knowledge: Threat hunting and indicators of compromise8 minutes

1 app itemTotal 90 minutes

Explore false positives through incident detection90 minutes

Ready to become an incident response expert? From the first sign of trouble to those crucial lessons learned. You'll learn to communicate like a pro, keeping everyone in the loop while you contain the chaos. We'll delve into the art of the post-mortem, figuring out exactly what went down and how to prevent it next time. And get this – you'll become an expert of automation, designing playbooks that streamline the response and give you back precious time. By the end, you'll be the go-to expert, orchestrating security operations with efficiency.

What's included

12 videos10 readings6 assignments1 app item

12 videosTotal 47 minutes

Welcome to module 32 minutes
The importance of evidence preservation4 minutes
How security teams preserve evidence5 minutes
Incident response in Google Cloud5 minutes
Incident identification4 minutes
Coordination for incident response4 minutes
Documentation fundamentals4 minutes
Elements of successful documentation4 minutes
Actionable alert identification5 minutes
Security orchestration with playbooks6 minutes
Fatima: A day in the life of a detection and response team manager3 minutes
Wrap-up1 minute

10 readingsTotal 100 minutes

Digital evidence preservation: Techniques and best practices10 minutes
Incident response best practices with Chronicle SOAR10 minutes
Guide to log queries, exports, and analysis10 minutes
Documentation in practice10 minutes
Activity: Document a timeline of events10 minutes
Activity Exemplar: Document a timeline of events10 minutes
Incident response partners10 minutes
Incident response orchestration versus automation10 minutes
Playbooks' role in incident response10 minutes
Glossary terms from module 310 minutes

6 assignmentsTotal 90 minutes

Module 3 challenge50 minutes
Test your knowledge: Evidence preservation8 minutes
Test your knowledge: Incident management8 minutes
Activity Quiz: Document a timeline of events8 minutes
Test your knowledge: Documentation8 minutes
Test your knowledge: Response in action using automation8 minutes

1 app itemTotal 90 minutes

Analyze audit logs using BigQuery90 minutes

Brace yourself for the ultimate resilience challenge! In this module, you'll become the architect of disaster-proof cloud systems. We'll cover everything from bulletproof backup strategies to lightning-fast recovery plans – because when systems fail, every second counts. You'll harness the power of automation to detect attacks and respond like a digital SWAT team. We'll explore the ins and outs of BCDR (Business Continuity and Disaster Recovery) tools, your ultimate weapons in the fight against downtime. Remember, recovery is your secret weapon – and this module will teach you how to wield it with precision.