Hadoop development has allowed big data technologies to reach companies in all sectors of the economy. But as adoption grows, so do the security concerns. In this course, you will examine the risks and learn how to implement security protocols for Hadoop clusters. This learning path can be used as part of the preparation for the Cloudera Certified Administrator for Apache Hadoop (CCA-500) exam.
Learning Objectives
Hadoop Security
- start the course
- describe the four pillars of the Hadoop security model
Network Security
- recall the ports required for Hadoop and how network gateways are used
- configure security groups for AWS
Kerberos
- describe Kerberos and recall some of the common commands
- diagram Kerberos and label the primary components
- prepare for a Kerberos installation
- install Kerberos
- configure Kerberos
Services Security
- describe how to configure HDFS and YARN for use with Kerberos
- configure HDFS for Kerberos
- configure YARN for Kerberos
- describe how to configure Hive for use with Kerberos
- configure Hive for Kerberos
- describe how to configure Pig, Sqoop, and Oozie for use with Kerberos
- configure Pig and HttpFS for use with Kerberos
- configure Oozie for use with Kerberos
- configure Hue for use with Kerberos
- describe how to configure Flume for use with Kerberos
User Security
- describe the security model for users on a Hadoop cluster
- describe the use of POSIX permissions and ACLs for managing user access
- create access control lists
Data Security
- describe how to encrypt data in motion for Hadoop, Sqoop, and Flume
- encrypt data in motion
- describe how to encrypt data at rest
- recall the primary security threats faced by the Hadoop cluster
- describe how to monitor Hadoop security
Practice: Securing Services
- configure HBase for Kerberos