Home - savannahc502/Google-Certificate-Portfolio GitHub Wiki
Google Cybersecurity Professional Certificate
I completed the Google Cybersecurity Professional Certificate between June 2024 and November 2024. Coursera estimates that the course takes about 166 hours to complete. I was awarded a scholarship from the Women in Cybersecurity (WiCyS) organization to complete the program. This wiki is a portfolio demonstrating my security education, skills, and knowledge acquired from the experience.
1. Foundations of Cybersecurity
The first course of this program provided an overview of cybersecurity terminology, vulnerabilities, frameworks, and tools. The material was similar to what I learned in my Cybersecurity Fundamentals, Network Protocols, and System Fundamentals classes I took my first year at Champlain College.
Topics Covered:
- Security incidents' impacts on business operations
- Understanding entry-level cybersecurity analyst responsibilities
- CISSP's eight security domains
- Security domains, frameworks, and controls identification
- Cyberethics
- Common cybersecurity tools overview
2. Play It Safe: Manage Security Risks
The second course of this program provided materials to study various cybersecurity frameworks and tools that are used in the industry to mitigate risk and protect information.
Topics Covered:
- Frameworks: CISSP's eight security domains, CIA Triad, NIST Frameworks
- Security Audits: Common internal elements, principles, and implementation of frameworks
- Security Tools: SIEM dashboards & Logs, Vulnerability Scanners, and IDS
- The course provided simulated, interactive SIEM dashboards to practice identifying threats in SIEM logs
- Playbooks: Their purpose and how to utilize them to identify threats, risks, and vulnerabilities
Portfolio Item: Security Audit
Module two of this course provided a practice scenario and risk assessment so that I could complete a security audit checklist (utilizing the template provided in the course). I summarized the security control and compliance gaps at the end of the checklist.
3. Connect and Protect: Networks and Network Security
The third course of this program provided materials and activities to study networks and security measures used in the industry to mitigate risk and protect information.
Topics Covered:
- Structure of a network
- Network Protocols
- Network Attacks
- Security Hardening
Activity: Analyze Network Attacks
I was given a fictional cybersecurity scenario and completed an incident report. To complete the report, I had to read a provided Wireshark TCP/HTTP log and complete a short incident report.
Activity: Apply OS Hardening Techniques
I was given a fictional cybersecurity scenario and completed an incident report. To complete the report, I had to read a provided tcpdump log and complete a short incident report.
Portfolio Item: NIST Cybersecurity Framework & Incident Reporting
The third portfolio item of this course required me to analyze a fictional network incident using the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) to create a brief cybersecurity incident report.
4. Tools of the Trade: Linux and SQL
Course four provided an overview of operating systems and their relationship to applications & hardware. Additionally, I completed labs and readings on the Linux OS/CLI and used SQL to query databases.
Portfolio Item: File Permissions in Linux
The fourth portfolio item of the course required a demonstration of basic Linux commands. I have worked with Linux commands before and completed similar, more detailed versions of the assignment in a previous class. Therefore, I have included two exemplar lab assignments as my portfolio items.
Portfolio Item: Apply Filters to SQL Queries
Similar to the previous portfolio item, I have worked with SQL databases and queries before and completed similar, more detailed versions of the assignment in a previous class. Therefore, I have included two exemplar lab assignments as my portfolio items. These were completed in my SEC-260 Web and App Security class.
5. Assets, Threats, and Vulnerabilities
Course five of this program covered the interconnected nature of assets, threats, and vulnerabilities. I also completed labs to practice classic cipher encryption/decryption, complete risk and vulnerability assessments, and learn about common threats in cybersecurity.
Topics Covered:
- Classify assets
- Analyze an attack surface
- Encryption and Decryption (hash comparison on Linux)
- Identify threats
- Threat modeling process
Activity: Score Risks Based on their Likelihood and Severity
Given a fictional business operation scenario, I completed a simplified risk assessment by evaluating vulnerabilities by their likelihood and severity. Coursera provided the template -- I completed the likelihood, severity, and priority categories.
Activity: Determine Appropriate Data Handling Practices
Given a fictional incident summary, I had to determine the issues that contributed to the incident and how the principle of least privilege could have prevented it. Coursera provided the template; my writing is in green text.
Portfolio Item: Vulnerability Assessment
I have performed vulnerability assessments for my Information Assurance class before and practiced using frameworks such as the NIST-800. My portfolio of work in this class is very applicable to the course content.
6. Sound the Alarm: Detection and Response
Course six builds upon course five -- which covered assets, threats, and vulnerabilities -- and shows how cybersecurity professionals detect and respond to incidents.
Topics Covered:
- Incident response lifecycle
- Monitor and analyze network traffic (SIEM, Wireshark, tcpdump)
- Processes and Procedures
- IDS systems (Suricata)
- Interpret logs and alerts (Splunk, Chronicle)
Portfolio Activity: Document an Incident with an Incident Handler's Journal
An incident handler's journal is a form of documentation used in incident response that records past incidents, threats, and notes to help guide a professional in future events. This activity had me write a small entry for an incident journal based on a fictional scenario.
Lab Activity: Analyze a Packet
This activity required me to analyze a packet with Wireshark and tcpdump. Coursera provided a Windows VM and a sample .pcap file to complete the Wireshark lab. Some instructions guided the user to some simple packet analysis questions.
I have also completed many activities and labs with network analyzers, all of which are documented on the wiki page for my Networking Protocols class at Champlain College.
Lab Activity: Examine alerts, logs, and rules with Suricata
Suricata is an open-source network analysis and threat detection software. Suricata is a type of NIDS (Network Intrusion Detection System) that provides IDS, IPS, and NSM services.
Suricata uses signature analysis, a detection method used to find events of interest. A signature consists of three components: the action, the header, and the rule options.
This lab provided an opportunity to explore the Suricata tool in a Linux console with guided commands and prompts for exploration. I learned how to create custom rules and run them in Suricata, monitor traffic captured in a packet capture file, and examine the fast.log and eve.json output.
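Added example (not part of the course lab or the original portfolio): a short Python sketch that splits a Suricata signature into the action, header, and rule options described above. The sample rule, its `sid`, and the function names are constructed for illustration, and the parser assumes a single-line rule with no spaces inside address or port lists.

```python
import re

# Constructed sample signature for illustration (not taken from the lab).
SAMPLE_RULE = (
    'alert http $HOME_NET any -> $EXTERNAL_NET any '
    '(msg:"GET on wire"; flow:established,to_server; '
    'content:"GET"; http_method; sid:12345; rev:3;)'
)

# Action, then header (no parentheses), then options inside the outer ( ... ).
RULE_RE = re.compile(
    r'^\s*(?P<action>\w+)\s+(?P<header>[^()]+?)\s*\((?P<options>.*)\)\s*$')
HEADER_FIELDS = ("protocol", "src_addr", "src_port",
                 "direction", "dst_addr", "dst_port")


def split_options(text):
    """Split options on ';', ignoring ';' inside quotes or after a backslash."""
    parts, buf, in_quotes, escaped = [], [], False, False
    for ch in text:
        if ch == ";" and not in_quotes and not escaped:
            parts.append("".join(buf).strip())
            buf = []
            continue
        if ch == '"' and not escaped:
            in_quotes = not in_quotes
        escaped = (ch == "\\") and not escaped
        buf.append(ch)
    if "".join(buf).strip():
        raise ValueError("every option must end with ';'")
    return [p for p in parts if p]


def parse_rule(rule):
    """Return the action, header fields and option list of one signature."""
    m = RULE_RE.match(rule)
    if m is None:
        raise ValueError("expected: action header (options)")
    fields = m.group("header").split()
    if len(fields) != len(HEADER_FIELDS):
        raise ValueError("header needs protocol, source, direction, destination")
    options = []
    for opt in split_options(m.group("options")):
        key, sep, value = opt.partition(":")
        options.append((key.strip(), value.strip().strip('"') if sep else None))
    return {"action": m.group("action"),
            "header": dict(zip(HEADER_FIELDS, fields)),
            "options": options}
```

Calling `parse_rule(SAMPLE_RULE)` returns the action `alert`, a header dictionary with the protocol, addresses, ports and direction, and the options as ordered key/value pairs, which makes it easy to check that a custom rule carries a `msg` and a `sid` before loading it.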
Lab Activity: Query Splunk
Recently, I completed the Splunk Core Certified User training modules as a part of a previous internship. I have provided a PDF of my learning transcript.
7. Automate Cybersecurity Tasks with Python
I have completed an Introduction to Python three-credit course at Champlain College previously, so I have had experience with the topics covered in this course before.
One thing I would like to improve on is regular expressions, as they were confusing to me. Some outside research and practice will likely be needed.
8. Put It to Work: Prepare for Cybersecurity Jobs
The final course in this program provided guidance on when to escalate a security incident, how to engage with the cyber community, how to apply and interview for jobs, and an overview of AI skills.
This was a shorter and less technical course, and provided a nice wrap to the content learned thus far!
Interview Warmup Website: https://grow.google/certificates/interview-warmup/