CDP Admin: Building Secure Clusters
Duration: 4 Days (32 Hours)
CDP Admin: Building Secure Clusters Course Overview:
This intensive four-day course caters to Cloudera Data Platform (CDP) administrators, equipping them with the skills to design solutions that align with the most stringent technical security audit standards. Rooted in a structured project plan, the curriculum encompasses various stages. Beginning with the implementation of Perimeter Security via host level security and Kerberos installation, the course progresses to securing data through the adoption of Transport Layer Security via Auto-TLS and data encryption using Key Management System and Key Trustee Server (KMS/KTS). Subsequently, it navigates the control of user and data access using Ranger and Atlas in the third stage, followed by teaching visibility strategies for comprehensive auditing of system, user, and data usage. The final phase involves scrutinizing application vulnerabilities and introducing risk management practices within a fully fortified Cloudera Data Platform. With a hands-on approach, the course balances 70% lab exercises with 30% lectures, fostering practical expertise.
Intended Audience:
- This course is intended for Linux administrators who are tasked with administering CDP.
Learning Objectives of CDP Admin: Building Secure Clusters:
In this course, you will come to understand:
- The CDP “Secure by Design” models, architecture, and tools
- Project planning for implementing a fully secured CDP
- CDP administrator recommended best practices for security
- How to create encryption zones and security zones for data isolation
- Advanced access control policies and how to use data lineage tools
- How to achieve regulatory compliance
CDP Secure by Design
- CDP Security Models
- Architecture for CDP Security
Project Planning for Securing CDP
- Roles and Responsibilities
- Project Plan Stages
Connecting to Directory Services
- Architecture for Identity Management
- Comparing Directory Services
- Connecting to Lightweight Directory Access Protocol
Hardening Networks and Hosts
- CDP Requirements for Networks
- CDP Requirements for Hosts
Protecting Data in Motion
- Architecture for Transport Layer Security
- Deploying TLS using Auto-TLS
- Managing CDP services within TLS
Managing Authentication with Kerberos
- Architecture for Kerberos
- Deploying Kerberos
- Managing CDP services within Kerberos
Deploying Authorization
- Architecture for Apache Ranger
- Deploying Ranger
- Architecture for Atlas
- Deploying Atlas
Protecting Data at Rest
- Architecture for HDFS encryption
- Deploying Key Management System with Key Trustee Server
- Creating and managing encryption zones
Creating Single Sign-On with Knox Gateway
- Architecture for Knox Gateway
- Deploying Knox Gateway SSO
Managing Authorization with Ranger
- Creating resource policies
- Creating masking policies
- Creating Row Level Filtering policies
Classifying Data with Atlas
- Classifying Data with Tags
- Creating Ranger Tag Policies
- Creating Ranger Masking Policies
Auditing CDP
- Auditing access on hosts
- Auditing users with Ranger
- Auditing lineage with Atlas
Bringing Applications Aboard CDP
- Creating multi-tenant environments
Achieving Compliance
- Threat and Risk Modeling for CDP
- Regulatory Compliance
CDP Admin: Building Secure Clusters Course Prerequisites
- We recommend a minimum of 3 to 5 years of system administration experience. Students must have proficiency in Linux CLI and should be familiar with Linux shell scripts. Knowledge of Transport Layer Security, Kerberos, and SQL select statements is helpful. Students must have access to the internet to reach Amazon Web Services (AWS).
Discover the perfect fit for your learning journey
Choose Learning Modality
Live Online
- Convenience
- Cost-effective
- Self-paced learning
- Scalability
Classroom
- Interaction and collaboration
- Networking opportunities
- Real-time feedback
- Personal attention
Onsite
- Familiar environment
- Confidentiality
- Team building
- Immediate application
Training Exclusives
This course comes with following benefits:
- Practice Labs.
- Get Trained by Certified Trainers.
- Access to the recordings of your class sessions for 90 days.
- Digital courseware
- Experience 24*7 learner support.
Got more questions? We’re all ears and ready to assist!