I took Google’s Cybersecurity Certification and Here’s What I Learned.

Left4Zed
Maveris Labs
10 min read · May 31, 2023

So I decided to take Google’s new Cybersecurity Certification Program. I wanted to see what the content was like and with the promise of learning basic SQL and Python by going through this program I was intrigued. Those were skills I did not have in my repertoire so I thought, “maybe I could use it as a refresher for stuff I’ve probably forgotten about when I studied for CISSP and also use it to learn a couple new skills.”

I wasn’t sure what to expect, but knowing Google, it was probably a professional and well-developed program, like many of their certificate courses. I totally underestimated how good of an education program this was and that is why I am writing this!

Now some administrative stuff. The course is through the online training portal Coursera. Coursera offers a 7-day free trial, but then moves to $49 USD per month. Just Google “Google Cybersecurity Certification” to go right to it!

Having recently obtained my CISSP, I thought I might be able to just barrel through this course. My initial assumption was wrong. I had no idea how in depth they got with this program. The course is comprised of 8 lessons, each with 4 modules (well except for the 8th one, which is 5 modules, but it is shorter) that build off of the information you learn in each lesson. There are labs, quizzes, flashcards, and other exercises built into each of the modules, as well as the lectures from instructors and testimonials from Google employees who weaved their careers in many directions before finding their particular role in cybersecurity. A lot of the latter explained that the paths to a career in cybersecurity do not have to be linear and planned out and that soft skills are incredibly important to have, while technical skills can be learned. The course was definitely geared toward those who are not currently in cybersecurity, but the information provided surpassed my expectations for a beginner level certificate program.

[Image: The 8 courses in Google’s Cybersecurity Program]

In the first section of the program, you learn that when you complete Google’s Cybersecurity Certificate course, they offer some additional study materials PLUS a 30% discount on taking the CompTIA Security+ exam, giving you the opportunity to earn both credentials in one! Personally, I thought this was great, as those looking to learn the basics have an incredible, affordable training option that they can choose to prepare themselves for this journey. Great job here, Google and Coursera!

Okay, so what are the different section breakdowns? I’ll briefly describe each one, but due to Coursera’s User Agreement, I’ll post only a couple generic screenshots.

Foundations of Cybersecurity

This lesson illustrates a day in the life of a cybersecurity professional. It begins to explain some of the paths you can take, soft skills that translate into it, terminology, tools of the trade, and an overall picture of how exciting a cybersecurity career can be. Through several Google employee testimonials here, and throughout the other lessons, you learn that many of these people didn’t start out in security or even in information technology.

This lesson also introduced the CIA triad and some of the basic concepts of cybersecurity and several of the tools available that you might use, including Security Information and Event Management (SIEM) tools, an overview of programming languages, packet sniffers and network tools like Intrusion Detection Systems, and more. It provided a good inventory of soft and hard skills that you would need to learn to obtain a cybersecurity career.

Play it Safe: Manage Risks

This lesson introduced you to the world of risk management and did a deeper dive into:

  • vulnerabilities, threats, and impacts,
  • regulatory and industry guidance and frameworks,
  • principles such as OWASP, NIST CSF, the Phases of Incident Response,
  • the differences between audits and assessments,
  • business continuity concepts, and
  • the differences between the SIEM tools, Splunk and Chronicle.

Connect and Protect: Networks and Network Security

This lesson introduced you to TCP/IP and OSI protocols. It deconstructed network protocols and packets, IP addresses, and all the different ports that internet traffic uses. It went into a lot of detail about network security, and monitoring using Intrusion Detection Systems (IDS) and Prevention Systems (IPS). I forgot how much these materials made my eyes glaze when I was obtaining my CISSP, but to be honest they presented it in a way that kept your attention. There was a plethora of information to learn in this course and I could see it taking someone unfamiliar with the concepts a while to get through it.

Tools and the Trade: Linux and SQL

This lesson was excellent, for me at least. This is where you learn some basics of using Linux, all of its components, distributions, and command lines. They focused a lot on Debian/Kali distros because of their pen-testing focus. The lessons instruct you on how to open up a virtual environment (with the click of a button really) and you get right into learning how to write in Bash (command line). By first navigating around the directories, then searching, learning piping, and a lot of other commands you start to realize it isn’t that difficult at all. Every time you learned a concept in lecture or reading, you then had the ability to practice it in the virtual lab setup in a Linux environment. The second half of the Linux portion of this course talked about managing permissions, using ‘sudo’ commands to manage access control, and all of the capabilities you could do to modify and manage user access.

Then the real fun began! The second half of the course was all about diving into SQL. You learned how to connect to and work with databases, work with strings, numbers, date/time fields, all of the various operators. All of this culminated into doing table joins. It was a great opportunity to learn the basics in a virtual lab environment where you were actually running the SQL commands/SQL statements on a database and seeing results. They really made these concepts easy to learn and encouraged students taking the course to continue learning on their own.

Assets, Threats, and Vulnerabilities

Went into detail about… well an organization’s assets, and the threats and vulnerabilities that put them at risk. The course reviewed how risk is calculated and the challenges faced in cloud security, with REALLY in-depth explanations of the NIST CSF, security controls, types of access accounts, how to audit access privileges, encryption, hashing and salting, defense-in-depth, how to do a vulnerability assessment (including a lab where you actually conduct one), different types of scans, threat actors, attack vectors, social engineering, malware, and threat modeling using PASTA, TRIKE, and VAST. It covered a lot and was hugely informative.

Sound the Alarm: Detection and Response

This lesson was fascinating, again taking a deeper dive into the NIST CSF and the Incident Response (IR) Lifecycle. It introduced CSIRTs, SOCs, NOCs, SOAR, and EDR along with the familiar acronyms like IDS, IPS, and SIEM (get your note taking gear out, I think I took 10 or so pages of notes on this section alone — it was REALLY great info). This course discussed, in detail, indicators of compromise and how to analyze networks and decompose packets down to reading their headers to try and learn more about them. You then learned to capture PCAPs using tcpdump in the virtual lab and then analyze them in tcpdump and Wireshark. It discussed all of the different PCAP libraries to learn more information and then you were back into the virtual labs to practice using tcpdump and Wireshark to analyze suspicious network activity.

Then it took you into the fascinating world of detection, threat hunting, the Pyramid of Pain, indicators of attack, and many other tools used to find out why your systems might be running abnormally. The course walked you through incident forensics, the importance of using a chain of custody, playbooks, triage, containment, eradication, and recovery. The final portion of this course provided a nice overview of business continuity, and the post-incident phase. This section covered a LOT and my head was spinning. This was the longest section I had taken… so far.

Automate Cybersecurity Tasks with Python

This lesson actually WAS the longest course in this program (at least for me). Having very little programming knowledge, it took me two days to complete this section. Now let me preface this with the fact that I tried learning Python before, but I couldn’t garner enough interest to remember what I was doing. I’d have to go back to square one every time and relearn basics like ‘print()’ functions because I just had no interest the way the instruction was structured. This course was a game changer for me.

I prepared some screenshots to show why. About a third of each module in this section was lecture. Learning what you are going to code and why.

As you can see in the side menu above, you usually do a short video, then some reading for more information, and then you get into the labs where you apply what you learn by actually writing code, followed by quizzes to test your knowledge on what you learned. And I am not sure I mentioned it before, but throughout ALL of these courses, there are different assignments that you can leverage to develop artifacts to add to a portfolio to demonstrate your understanding of the topics. I definitely saw a lot of value in creating a portfolio for those wanting to get into the field or change their career focus.

As you are navigating through the lectures, the instructor breaks down the code for you in very easy to understand ways. For example, when I was learning how to write ‘regular expressions’ to pull specific information from lists, the instructor would break down the code on the slide:

After watching the instructor-led lectures, which were all less than 10 minutes at a time, there were readings that explained the information in more detail and shared additional operators, tools to use, and showed how to use the built-in functions in Python. When it came to labs in Python, the course opened up a Jupyter Notebook so you could code their examples, you could play around with the code itself, and write your own. You were able to execute the code right inside the Notebook and debug it if you had to, which is my favorite way of learning, by making mistakes!

The Notebooks allowed you to do your “homework”, but also let you adjust the code to see what it could do, which to me, was valuable. I would go mess around with the code and see if I could apply other bits and pieces on a regular basis while learning. I now have a MUCH better understanding of using Python and now need to find some ways to play around with it some more, so that I get some practice in. I need a CTF now :)

Putting it to Work: Prepare for Cybersecurity Jobs

The final lesson starts out discussing the importance of having a security mindset, learning how to report and escalate an incident, and working with security teams. Halfway through the modules, the lessons shift more toward softer skills, like preparing for interviews, understanding how to answer in STAR format, dressing for success, and using the portfolio of artifacts that you had the opportunity to create throughout the 8 courses. Google even provides tools and templates that you can use to develop your resume/cv, practice interview questions, and build a professional network to expand your knowledge. Finally, the Google Cybersecurity Certificate program comes to a close by demonstrating how to obtain and upload your Credly badge to social media, like LinkedIn, and how to download your shiny new Google Cybersecurity Certification Certificate of Completion.

I honestly think this course is an excellent resource for those interested in getting their feet wet, looking to switch careers, or, like me, refresh your memory on areas that you might be rusty on, with the bonus of learning some extra technical skills if you aren’t the technical type. Also, a big bonus was that it helps prepare you for your CompTIA Security+ certification.

I really am glad I decided to take the Google Cybersecurity Certification Program through Coursera. Note this is my opinion, I am not affiliated with either organization, but figured if I can help anyone who is considering taking that first step, I believe 100% that it was worth it, and you should not be intimidated by the programming aspects of the course — they make it very easy for you to learn! And that’s the ultimate goal, isn’t it?

Maveris is an IT and cybersecurity company committed to helping organizations create secure digital solutions to accelerate their mission. We are Veteran-owned and proud to serve customers across the Federal Government and private sector. Maveris Labs is a space for employees and customers to ask and explore answers to their burning “what if…” questions and to expand the limits of what is possible in IT and cybersecurity. To learn more, go to maveris.com