Detailed Course Outline
Security Management
- CDP Security Models
- CDP Security Pillars
- CDP Security Levels
Project Planning
- The Importance of Project Planning
- Roles and Responsibilities Isolated Networks
- Architecture for Network Security
- Building an Isolated Network
Identity Management
- FreeIPA or Active Directory
- Identity Management Architecture
- Pluggable Authentication Modules
- Lightweight Directory Access Protocol
- Cloudera Manager Roles
- Managing Super Users
Quality Controlled Hosts
- CDP Requirements for Hosts
- Recommendations for deployment hosts
Encrypt Network Traffic
- Theory for Security Protocols
- Tools: openssl and keytool
- Architecture for Certificate Authorities
- Deploying TLS using Auto-TLS
- Deploying SASL
Authentication with Kerberos
- Architecture for Kerberos
- Kerberos CLI
- Deploying Kerberos
- Managing CDP services within Kerberos
Shared Data Experience (SDX)
- Architecture for Apache Ranger
- Deploying Ranger
- Deploying Infra Solr
- Deploying Atlas
Data at Rest
- Theory for KMS with KTS
- Deploying KMS with KTS
- Encrypting Data at Rest
Single Sign-On with Knox Gateway
- Architecture for Knox Gateway
- Installing Knox Gateway
- Deploying Knox Gateway SSO
- Accessing services through Knox Gateway
Authorization with Ranger
- Creating Ranger Data Encryption Zones
- Creating Ranger Security Zones
- Creating Ranger resource policies
- Creating Ranger masking policies
Classify Data with Atlas
- Ranger Policies for Atlas
- Searching Atlas
- Classifying Data with Tags
- Creating Ranger Tag Policies
- Creating Ranger Masking Policies
Audit CDP
- Auditing access on hosts
- Auditing users with Ranger
- Auditing lineage with Atlas
- Troubleshooting with Audits
Commission CDP
- Validating Security Level 2
- Checklist for commissioning CDP
Achieving Compliance
- Regulatory Compliance
- Roadmap to Security Level 3