Cloudera University Security Training - OnDemand

Course Details
Code: SECURITY-TRAINING
Tuition (USD): $1,815.00 • Self Paced

This course, which is offered exclusively through OnDemand, introduces experienced system administrators to some of the tools and techniques that Cloudera’s Solution Architects use to protect the clusters that our customers rely on for essential business operations.

Skills Gained

  • Describe security in the context of Hadoop
  • Assess threats to a production Hadoop cluster
  • Plan and deploy defenses against these threats
  • Improve the security of each node in the cluster
  • Set up authentication with Kerberos and Active Directory
  • Use permissions and ACLs to control access to files in HDFS
  • Use Apache Sentry to control data access
  • Perform common key management tasks
  • Use encryption to protect data in motion and at rest
  • Monitor a cluster for suspicious activity
  • Understand additional security considerations, including data governance and disaster recovery

Prerequisites

The course is intended for system administrators and those in similar roles. Prospective students should have a good understanding of Hadoop's architecture, the ability to perform system administration tasks in the Linux environment, and at least basic exposure to Cloudera Manager. We recommend that students complete the Cloudera Administrator Training for Apache Hadoop course, or have equivalent on-the-job experience, before beginning this course. No prior training or experience with computer security is required.

Course Details

Security Overview

  • What Is Security?
  • The Need for Security
  • Key Principles
  • Threat Assessment
  • Risk Management

Security Architecture

  • Scenario Explanation
  • Assessing Cluster Security

Host Security

  • General Server Hardening
  • Recommendations
  • System Entropy
  • Access Control
  • Host Firewalls
  • Host-Level Monitoring

Encrypting Data In Motion

  • Encryption Fundamentals
  • Certificates
  • Configuring Cloudera Manager for TLS

Authentication

  • Hadoop Authentication Fundamentals
  • Kerberos
  • Active Directory
  • Browser-Based Authentication
  • Encrypting Hadoop Data in Motion

Authorization

  • Authorization Mechanisms
  • Cloudera Manager Authorization
  • YARN Authorization
  • HDFS Authorization
  • Apache Sentry

Encrypting Data at Rest

  • Overview of HDFS Encryption
  • Encrypting Data Outside of HDFS
  • Hardware Security Modules

Additional Considerations

  • Auditing
  • Data Governance and Lineage Business Continuity and Disaster
  • Recovery

Conclusion