We recommend a minimum of 3 to 5 years of system administration experience in industry. Students must have proficiency in Linux CLI. Knowledge of Directory Services, Transport Layer Security, Kerberos, and SQL select statements is helpful. Prior experience with Cloudera products is expected, experience with CDH or HDP is sufficient. Students must have access to the Internet to reach Amazon Web Services.<\/p>","audience":"
This immersion course is intended for Linux Administrators who are taking up roles as CDP Administrators.<\/p>","contents":"
The significant improvements in CDP architecture and tools makes CDP The first project stage is implementing Perimeter Security by installing host level security and Kerberos. The second project stage protects Data by implementing Transport Layer Security using Auto-TLS and data encryption using Key Management \nSystem and Key Trustee Server (KMS\/KTS). The third project stage controls Access for users and to data using Ranger and Atlas. The fourth stage teaches Visibility practices for auditing systems, users, and data usage. This project stage also analyzes applications in terms of vulnerabilities and introduces CDP practices for Risk Management in a fully secured Cloudera Data Platform. This course is 60% exercise and 40% lecture.<\/p>","essentials_plain":"We recommend a minimum of 3 to 5 years of system administration experience in industry. Students must have proficiency in Linux CLI. Knowledge of Directory Services, Transport Layer Security, Kerberos, and SQL select statements is helpful. Prior experience with Cloudera products is expected, experience with CDH or HDP is sufficient. Students must have access to the Internet to reach Amazon Web Services.","audience_plain":"This immersion course is intended for Linux Administrators who are taking up roles as CDP Administrators.","contents_plain":"- Architecture for CDP Clusters\n- Requirements for an isolated network\n- Comparison of Active Directory to Identity, Policy, and Audit\n- Theory and installation of\n\n- Kerberos\n- Auto-TLS\n- Ranger\n- Atlas\n- Ranger Key Management Service\n- Knox Gateway\n- Building Ranger Resource Policies\n- Creating Atlas Classifications\n- Building Ranger Tag Policies","outline_plain":"Security Management\n\n\n- CDP Security Models\n- CDP Security Pillars\n- CDP Security Levels\nProject Planning\n\n\n- The Importance of Project Planning\n- Roles and Responsibilities Isolated Networks\n- Architecture for Network Security\n- Building an Isolated Network\nIdentity Management\n\n\n- FreeIPA or Active Directory\n- Identity Management Architecture\n- Pluggable Authentication Modules\n- Lightweight Directory Access Protocol\n- Cloudera Manager Roles\n- Managing Super Users\nQuality Controlled Hosts\n\n\n- CDP Requirements for Hosts\n- Recommendations for deployment hosts\nEncrypt Network Traffic\n\n\n- Theory for Security Protocols\n- Tools: openssl and keytool\n- Architecture for Certificate Authorities\n- Deploying TLS using Auto-TLS\n- Deploying SASL\nAuthentication with Kerberos\n\n\n- Architecture for Kerberos\n- Kerberos CLI\n- Deploying Kerberos\n- Managing CDP services within Kerberos\nShared Data Experience (SDX)\n\n\n- Architecture for Apache Ranger\n- Deploying Ranger\n- Deploying Infra Solr\n- Deploying Atlas\nData at Rest\n\n\n- Theory for KMS with KTS\n- Deploying KMS with KTS\n- Encrypting Data at Rest\nSingle Sign-On with Knox Gateway\n\n\n- Architecture for Knox Gateway\n- Installing Knox Gateway\n- Deploying Knox Gateway SSO\n- Accessing services through Knox Gateway\nAuthorization with Ranger\n\n\n- Creating Ranger Data Encryption Zones\n- Creating Ranger Security Zones\n- Creating Ranger resource policies\n- Creating Ranger masking policies\nClassify Data with Atlas\n\n\n- Ranger Policies for Atlas\n- Searching Atlas\n- Classifying Data with Tags\n- Creating Ranger Tag Policies\n- Creating Ranger Masking Policies\nAudit CDP\n\n\n- Auditing access on hosts\n- Auditing users with Ranger\n- Auditing lineage with Atlas\n- Troubleshooting with Audits\nCommission CDP\n\n\n- Validating Security Level 2\n- Checklist for commissioning CDP\nAchieving Compliance\n\n\n- Regulatory Compliance\n- Roadmap to Security Level 3","summary_plain":"The significant improvements in CDP architecture and tools makes CDP Secure by Design. The Cloudera Data Platform is intended to meet the most demanding technical audit standards. This four-day hands-on course is presented as a project plan for CDP administrators to achieve technical audit standards.\n\nThe first project stage is implementing Perimeter Security by installing host level security and Kerberos. The second project stage protects Data by implementing Transport Layer Security using Auto-TLS and data encryption using Key Management \nSystem and Key Trustee Server (KMS\/KTS). The third project stage controls Access for users and to data using Ranger and Atlas. The fourth stage teaches Visibility practices for auditing systems, users, and data usage. This project stage also analyzes applications in terms of vulnerabilities and introduces CDP practices for Risk Management in a fully secured Cloudera Data Platform. This course is 60% exercise and 40% lecture.","skill_level":"Intermediate","version":"1.0","duration":{"unit":"d","value":4,"formatted":"4 jours"},"pricelist":{"List Price":{"DE":{"country":"DE","currency":"USD","taxrate":19,"price":3520}}},"lastchanged":"2025-07-29T12:18:36+02:00","parenturl":"https:\/\/portal.flane.ch\/swisscom\/fr\/json-courses","nexturl_course_schedule":"https:\/\/portal.flane.ch\/swisscom\/fr\/json-course-schedule\/35451","source_lang":"fr","source":"https:\/\/portal.flane.ch\/swisscom\/fr\/json-course\/cloudera-admin-332"}}Secure by Design.<\/q> The Cloudera Data Platform is intended to meet the most demanding technical audit standards. This four-day hands-on course is presented as a project plan for CDP administrators to achieve technical audit standards.<\/p>\n