Great class , well executed and explained. Only wish that there was some visual instructions for some of the projects. I was slightly confused with the "Audit project" but eventually figured it out however I felt like I wasted a lot of time and found it frustrating. Otherwise awesome!

The "security audit" exercise could be more challenging if it scored the "X" checkmarks I put on the Checklist. As it happens, I got them all right anyway, but it would be good if system verified them instead of taking my word for it.

this course was okay, but I was very confused and perplexed by the audit assignment, and could not grasp in full what was expected to be done. In reading the message boards, many other users felt the same.

I think it was way too heavy on the repetition of what was covered in Course 1 and then not enough useful, practical information here. At the very least you could include a screenshot of some SIEMs dashboards to explain what you will see and how you will know what a threat will look like and when to break out the playbook. Also, other places will all a Playbook a SOP (standard operations and procedures) which might just be worth noting at some point, given the international nature of this course. Otherwise pretty good. The information in the videos was well delivered and digestible. The other videos that basically just told us not to worry about Imposter Syndrome was also really nice. Good to hear other people's stories. Just consider less overlap and more directed progress on this course instead.

The Audit control exampler part 1 should be reviewed and the context of this exercise should be modified. Without knowing the current control in place, how do you expect us to create audit doc, considering it is an established organization?

The material does not seem well organized. Some of the language ambiguous and could be more precise. I wish the course had a booklet or a pdf of all the material, I don't like that I have multiple docs with reference material.

Liked the passing of the content, just not how repetitive it was. Also I feel as if a lot of this material could be cut as it seemed to drag on with information that has already been covered

The two stars got knocked off for extremely vague questions in the security audit. I had no idea what I was doing. It was too open ended for my experience

it's good for a start but not a two weeks course, it could be teach within three days.

I was quite disappointed with this course. The abstract concepts were introduced at a shallow, vague level and the lengthy mock audit exercise was very unsatisfying and unhelpful, since it was self-assessed and any amount of effort could have passed, and there was no way to know the "right" answer until looking at the suggested one. I hoped to see at least some concrete screenshots of Splunk or Chronicle, but they were just described in general, superficial terms.

If coursera expects people to give reviews at the end of the course, then they should make sure that multiple choice answers which require 3 answers out of 4 possible ones, DO NOT HAVE ONLY 2 answers that would be correct. It ruined my grade from being a 100 leaving me with a 91.75. The people answering in the coursera help section speak improper english and troll you when you point out one of their staff are creating indirect answers to very important questions like this one. Then they play it off like they are answering your question and we have no right to be upset with this sociopathic action? I think if coursera is going to be working with big names like Google, Meta, IBM, Microsoft which will be spearhead companies in the coming digital age, then they need to make sure greater care is taken with legitimate English and other native language speakers before they try to provide education. This is the education industry for crying out loud..People mess up yes, and thats ok. But when something is a mess up from being irresponsible and wanting to retaliate, thats when a reflection of integrity is shown to the world.

Course Review: "Play It Safe: Manage Security Risks" As an Engineering student with a burgeoning interest in cybersecurity, I recently completed the course “Play It Safe: Manage Security Risks,” and I am pleased to share my experience. This course provided an in-depth exploration of security risk management, blending theoretical knowledge with practical applications. Here’s a detailed breakdown of my experience: Course Content and Structure: The course is meticulously structured, beginning with foundational concepts and gradually advancing to more complex topics. The initial modules cover essential principles of risk management, such as identifying assets, assessing vulnerabilities, and understanding threat vectors. As the course progresses, it delves into more specialized areas including risk quantification, mitigation strategies, and incident response planning. This progressive learning approach ensures that students build a solid understanding before tackling advanced concepts. One of the strengths of the course is its modular design. Each module is well-defined, with clear learning objectives and outcomes. This modularity facilitates focused learning and allows students to track their progress effectively. The inclusion of key terms and definitions at the beginning of each module is particularly helpful for establishing a strong grasp of the subject matter. Practical Relevance and Application: The course excels in bridging the gap between theory and practice. Through a series of case studies and real-world scenarios, students are encouraged to apply theoretical knowledge to practical situations. For example, the threat modeling exercises were invaluable, providing hands-on experience in identifying and evaluating potential threats within a simulated environment. These exercises not only reinforced theoretical concepts but also enhanced problem-solving skills by requiring students to develop and implement risk mitigation strategies. The inclusion of industry-standard tools and methodologies, such as risk assessment frameworks and security protocols, further emphasizes the practical relevance of the course. Learning to use these tools in a controlled setting prepares students for real-world applications and equips them with skills that are highly transferable to professional environments. Interactivity and Engagement: One of the highlights of this course is its interactive nature. The course features a range of interactive elements, including quizzes, discussion forums, and group projects. The quizzes are well-designed to test comprehension and reinforce key concepts, while the discussion boards provide a platform for students to engage with peers, share insights, and discuss complex topics. These interactive components not only enhance learning but also foster a sense of community among students. The group projects are particularly beneficial, as they simulate collaborative environments often encountered in professional settings. Working on these projects allows students to apply concepts in a team-based context, develop communication skills, and learn from the diverse perspectives of their peers. Instructor Expertise and Support: The instructors for “Play It Safe: Manage Security Risks” are exemplary in their expertise and pedagogical approach. Their backgrounds in security risk management and their practical experience in the field are evident throughout the course. The instructors are highly responsive to student queries, providing detailed feedback and guidance on assignments. Their willingness to engage with students and clarify complex concepts greatly enhances the learning experience. The instructors also incorporate real-world examples and case studies from their own experiences, which adds a valuable practical dimension to the course. This real-world perspective is particularly beneficial for students who wish to understand how theoretical concepts are applied in practice. Resource Materials: The course provides a comprehensive array of resources, including detailed lecture notes, recommended readings, and supplementary materials. The lecture notes are well-organized and serve as a valuable reference for revisiting key concepts. The recommended readings are carefully selected to provide deeper insights into specific topics and current trends in security risk management. Additionally, the course includes access to relevant industry reports, whitepapers, and tools, which are instrumental in staying updated with the latest developments in the field. The resource materials are thoughtfully curated to support both the theoretical and practical aspects of the course. Areas for Improvement: While the course is highly commendable, there are a few areas where it could be enhanced. The inclusion of more recent case studies and examples would provide a more current perspective, given the rapidly evolving nature of cybersecurity threats. Additionally, integrating advanced topics such as emerging technologies, zero trust architectures, and advanced persistent threats could offer a more comprehensive view for students aiming to specialize in security risk management. Another potential improvement could be the inclusion of more hands-on labs or simulations. While the case studies and exercises are beneficial, additional interactive labs or virtual environments could further enhance the practical learning experience and provide students with more opportunities to experiment with security tools and techniques. Conclusion: Overall, “Play It Safe: Manage Security Risks” is an outstanding course that provides a thorough and practical introduction to security risk management. It effectively combines theoretical knowledge with real-world applications, making it highly relevant for engineering students interested in cybersecurity. The course’s well-structured modules, interactive elements, and expert instructors create a rich learning experience that is both engaging and educational. I highly recommend this course to any engineering student or professional seeking to enhance their understanding of security risks and their management.

In this course I learned more about practical practices such as , having a strong security posture is important to an organization to mitigate threats, risks, and vulnerabilities and also to minimize potential damage that will occur in the future. This also means to apply strict security of the organization's assets to protect the important data from exploitations. This also means for the security professionals to follow the rules and expectations for ethical behavior to minimize negligence, abuse and fraud.

I also learned more about different kinds of threats how they negatively impact organization's assets and the people they serve such as ransomware and social engineering. That's why Implementing security frameworks such as NIST RMF or NIST CSF and security controls to an organization, helps mitigate and reduce risks, and threats to data and privacy. This also help organizations to recover from the damage that was inflicted from exploitations.

I'm glad to have a basic knowledge about how they audit organization security controls, policies and procedures by internal security audit and external security audit. This is very important thing for an organization, to see if they follow rules and apply necessary requirements and other compliance that an organizations needs to have. So that the security professional will be able analyze and assess controls.

It was fun learning variety of SIEM tools, there are self-hosted SIEM tool, cloud-hosted SIEM tools and Hybrid. and also I got to learn about how security professionals use playbooks alongside SIEM tools. Playbooks and SIEM tools work together to provide a structured and efficient way of responding to potential security incidents, like how it detect breaches.

In this course was a bit challenging, I got to practice how to established scope and goals to audit the fictional organization by participating taking the portfolios and answering quizzes as well, yet, it was fun! I enjoyed this journey so far.

A Game-Changer in Cyber Security Education! The Google Professional Cyber Security Certification Course 2: "Play It Safe: Manage Security Risks" has truly exceeded my expectations and transformed my understanding of cybersecurity. This course is a game-changer! From the moment I embarked on this learning journey, I was captivated by the comprehensive coverage of Certified Information Systems Security Professional's (CISSP) security domains, security controls, frameworks, and compliance regulations. What sets this course apart is its innovative approach to teaching. The engaging content and interactive modules kept me motivated and eager to delve deeper into the subject matter. I particularly enjoyed exploring the diverse range of security information and event management (SIEM) tools and their practical applications in identifying and mitigating risks. The integration of real-world case studies and hands-on exercises further enhanced my learning experience. What truly impressed me was the inclusion of playbooks as a crucial tool in incident response. The course provided clear guidance on developing and implementing effective response strategies, equipping me with the skills needed to navigate the complex world of cybersecurity incidents confidently. The course instructors' expertise and passion for the subject matter were evident throughout, making the learning process enjoyable and inspiring. Additionally, the course's user-friendly platform and comprehensive resources provided excellent support along the way. I highly recommend the Google Professional Cyber Security Certification Course 2 to anyone seeking a dynamic and in-depth understanding of managing security risks. It has not only expanded my knowledge but also empowered me to make a significant impact in the field of cybersecurity. Thank you, Google, for offering such an exceptional educational experience! Disclaimer: This review is based on my personal experience and opinion.

Understanding the importance of security risks is essential in today's digital landscape. I have acquired a thorough grasp of the numerous dangers that lurk in the digital realm, encompassing everything from deceptive phishing attempts and malicious software to compromising data breaches and manipulative social engineering tactics. Understanding the potential risks is crucial in effectively reducing them, and this course has  provided me with the necessary knowledge to spot vulnerabilities in various systems and platforms. Gaining an understanding of security risks has enabled me to take proactive steps to safeguard sensitive information, creating a safer online environment for both myself and others. The field of security is constantly changing, and the content undoubtedly grabbed my attention by using real-life examples, scenarios, and interactive elements to show how security practices are important in everyday life. Experiencing concepts first hand and using simulations have made them more relatable and easier to understand. Additionally, the excitement of comprehending how to protect systems and data from potential threats have been intellectually stimulating and fulfilling. This course  also instilled a feeling of empowerment. Understanding how to effectively handle security risks and boost my own digital safety, but also establishes a valuable resource in different professional environments. It provides me with valuable skills that are in high demand in today's job market, enabling me to make meaningful contributions to teams and organisations through the implementation of strong security protocols and practices. The sense of fulfilment and motivation that comes from knowing that i have the power to protect information and systems is truly rewarding.

This course was overall very enjoyable, much like the last. I will say that the beginning was incredibly information-heavy in a way that was dense to parse. It could just be my ADD, but I was having a difficult time with the deeper explanations of the eight CISSP domains. I appreciated the elaboration because it seemed very abstract to me in the first course, but there were many readings that I felt the need to take a break from because I wasn't retaining the information as well (or rather, having a hard time telling the different domains apart in some cases... the verbiage used isn't always clear or rather is discussed in a way that doesn't necessarily translate to someone without experience in the field). Apart from that, it was so intriguing to learn about the different compliance regulations worldwide as well as different countries' guidelines and best practices for incident response. As always, I sincerely enjoy the employee videos that explain their role - it feels very grounding in a way that makes all of this seem so achievable. Thank you all again for offering these courses, I don't know where I'd be without them!

During my time in the Google Cybersecurity course, I delved into a comprehensive exploration of vital topics within the field. I gained a profound understanding of the Certified Information Systems Security Professional’s (CISSP’s) eight security domains, which provided me with a structured framework to comprehend various facets of cybersecurity. Moreover, the course enlightened me on specific security controls, frameworks, and compliance regulations, empowering me with practical knowledge essential for implementing robust security measures. I acquired proficiency in utilizing playbooks to orchestrate effective responses to security incidents. On my journey, I am eager to delve deeper into certain concepts and explore advanced topics within cybersecurity, and then, I am drawn to certain responsibilities associated with the role of a cybersecurity analyst. Thank you for providing an enriching learning experience that has broadened my horizons and equipped me with valuable skills for the cybersecurity landscape. Warm regards, Win Zaw Htoo

I absolutely love two things about this course: how Google introduces the CISSP's eight security domains early on to students, and then how they have students conduct a risk assessment against a fictional company.

Introducing CISSP so soon to beginning cybersecurity learners, the target audience of this course, shows them a certification that's powerful later in their career. This allows people to set goals for themselves and perhaps opens the door for exploring formal certificate study. I'm not saying new folks should just jump into the CISSP right away, though! I'm saying that it's wonderful to set the stage early, as the eight domains of the CISSP, if explored, offer tons for people to learn about.

For the fictional risk assessment, right away in the second course students are already building a professional portfolio that can then be handed over to students. How awesome is that? Now when entry-level candidates go to apply to jobs, they have proof that they are familiar with the concept of risk management.

Having embarked on numerous courses in diverse fields, I can confidently attest to the enriching experience and invaluable knowledge gained. From exploring topics ranging from data science to leadership, each learning opportunity has been a stepping stone towards personal and professional growth. The depth of content and engaging delivery surpassed expectations, earning each course a stellar rating. Similarly, the comprehensive understanding and practical exercises provided in various courses have contributed significantly to my skill set and knowledge base. Moreover, the flexibility and accessibility offered by online platforms have made learning a seamless and enjoyable endeavor. With each course, I have not only expanded my skill set but also cultivated a passion for lifelong learning. As I continue to explore new horizons, I look forward to embracing the challenges and discoveries that lie ahead.

In brief, I just loved this course. Frankly, I'm having a blast working my way through this cert. Learning about the rules, regs and ethics involved has helped me learn a new appreciation for Security, and helped me see society in a different way. It certainly is going to be a field that has unlimited applications for the future, as software becomes more complex and the world becomes more connected. But I think it's important for a Security officer to follow their gut, and to listen to their intuition when considering all the ways data and systems could be exploited by threat actors, unethical corporations, and malicious artificial intelligence software. Thank you for offering this certification, I really am starting to suspect that my personality may make me very qualified to go into Cyber Security.

I recently took the 'Play it Safe: Manage Security Risk' course and found it to be incredibly valuable in enhancing my understanding of security risk management. As someone who works in IT, I recognized the importance of proactively addressing potential security threats, but I wasn't sure where to start. This course provided me with a comprehensive framework for identifying, assessing, and mitigating risks, and the interactive modules made the learning experience engaging and enjoyable. I particularly appreciated the focus on practical application, which enabled me to develop a tailored risk management plan for my organization. I feel much more confident in my ability to protect our assets and would highly recommend this course to anyone looking to improve their security risk management skills. By

Having just completed this security course, I must express my sincere appreciation for the exceptional quality of content and instruction provided. The course material was comprehensive, covering a wide range of topics in-depth and with clarity. The instructors demonstrated a profound understanding of the subject matter and engaged students effectively throughout the learning process. What truly set this course apart was its emphasis on practical application, with hands-on exercises and real-world case studies that enabled me to immediately apply what I learned. I feel significantly more confident in my ability to navigate complex security challenges after completing this course, and I wholeheartedly recommend it to anyone looking to enhance their knowledge and skills in the field of security.

The course is an excellent follow-up to the first course in the certificate, building on the concepts introduced and diving deeper into the frameworks and controls used by cybersecurity professionals to protect business operations. It covers a wide range of topics including risk management, common threats and vulnerabilities, and security information and event management. Additionally, the course provides a valuable opportunity to practice performing a security audit, an important step towards becoming a cybersecurity professional.

The course is well-structured and easy to follow, and the hands-on activities and examples provided were especially beneficial in helping me understand the concepts covered. I highly recommend this course to anyone interested in pursuing a career in cybersecurity.

If you have not started the Google Cybersecurity Professional Certification Program on Coursera... I suggest you start now.

What are you waiting for?

Coursera courses are taught by top level professionals in the field on a reputable accessible platform, the courses are recognized globally, are self-paced and well-structured.

In this course module I learned:

* CISSP's 8 Security Domains, focused on threats, risks and vulnerabilities

* Security Frameworks and Controls, the CIA Traid, NIST Frameworks and Security Design Principles

* Basic Security tools - SIEM tools and dashboards

* Security audits and compliance regulations, including a hands-on project - a Security Audit and analysis for a pretend company

* How to Protect Assets and Data by using Playbooks

In this course, I found the depth and breadth of the CISSP's eight security domains quite intriguing, especially the emphasis on governance, risk management, and compliance. The unexpected aspect for me was how interconnected all these domains are in ensuring a comprehensive security posture. I've discovered that I'm particularly drawn to the role of a cybersecurity analyst in incident response and threat identification. The fast-paced and dynamic nature of responding to security incidents appeals to me, as it requires quick thinking and adaptability in the face of evolving threats. I'm eager to delve deeper into this area to understand more about the intricacies of incident response and how different SIEM tools can be leveraged effectively.