Security Engineering on AWS
Cloud security is a big concern for customers looking to adopt the cloud. There has been a steady increase in cyber attacks and data breaches are top concerns for security teams. This course addresses these concerns by teaching you how to interact and build with AWS cloud in a very secure way. You will learn about managing roles and identities, provisioning accounts and monitoring the API activities for any anomalies.
Moreover, you will learn to protect the stored data in the AWS cloud together with generating, collecting, and monitoring logs to help identify security related incidents. The course is delivered with a mix of presentations, hands-on labs and group exercises. After completion, you will be able to attempt the AWS Certified Security – Speciality certification.
The course is best suited for Security engineers, Security architects, Cloud Architects and cloud operators. We recommend that you should have completed the AWS Security Essentials and the Architecting on AWS courses. Along with this, we also recommend that you should have working knowledge of IT security practices and infrastructure concepts.
Moreover, you will learn to protect the stored data in the AWS cloud together with generating, collecting, and monitoring logs to help identify security related incidents. The course is delivered with a mix of presentations, hands-on labs and group exercises. After completion, you will be able to attempt the AWS Certified Security – Speciality certification.
The course is best suited for Security engineers, Security architects, Cloud Architects and cloud operators. We recommend that you should have completed the AWS Security Essentials and the Architecting on AWS courses. Along with this, we also recommend that you should have working knowledge of IT security practices and infrastructure concepts.
In this course, you will learn to:
- State an understanding of AWS cloud security based on the CIA triad.
- Create and analyze authentication and authorizations with IAM.
- Manage and provision accounts on AWS with appropriate AWS services.
- Identify how to manage secrets using AWS services.
- Monitor sensitive information and protect data via encryption and access controls.
- Identify AWS services that address attacks from external sources.
- Monitor, generate, and collect logs.
- indicators of security incidents.
- Identify how to investigate threats and mitigate using AWS services.
This course is intended for:
- Security engineers
- Security architects
- Cloud architects
- Cloud operators working across all global segments.
We recommend that attendees of this course have:
- Completed the following courses:
– AWS Security Essentials (Classroom training) or
– AWS Security Fundamentals (Second Edition) (digital) and
– Architecting on AWS (Classroom Training) - Working knowledge of IT security practices and infrastructure concepts.
- Familiarity with the AWS Cloud.
Module 1: Security on AWS
- Security in the AWS cloud
- AWS Shared Responsibility Model
- Incident response overview
- DevOps with Security Engineering
Module 2: Identifying Entry Points on AWS
- Identify the different ways to access the AWS platform
- Understanding IAM policies
- IAM Permissions Boundary
- IAM Access Analyzer
- Multi-factor authentication
- AWS CloudTrail
- Lab 01: Cross-account access
Module 3: Security Considerations: Web Application Environments
- Threats in a three-tier architecture
- Common threats: user access
- Common threats: data access
- AWS Trusted Advisor
Module 4: Application Security
- Amazon Machine Images
- Amazon Inspector
- AWS Systems Manager
- Lab 02: Using AWS Systems Manager and Amazon Inspector
Module 5: Data Security
- Data protection strategies
- Encryption on AWS
- Protecting data at rest with Amazon S3, Amazon RDS, Amazon DynamoDB
- Protecting archived data with Amazon S3 Glacier
- Amazon S3 Access Analyzer
- Amazon S3 Access Points
Module 6: Securing Network Communications
- Amazon VPC security considerations
- Amazon VPC Traffic Mirroring
- Responding to compromised instances
- Elastic Load Balancing
- AWS Certificate Manager
Module 7: Monitoring and Collecting Logs on AWS
- Amazon CloudWatch and CloudWatch Logs
- AWS Config
- Amazon Macie
- Amazon VPC Flow Logs
- Amazon S3 Server Access Logs
- ELB Access Logs
- Lab 03: Monitor and Respond with AWS Config
Module 8: Processing Logs on AWS
- Amazon Kinesis
- Amazon Athena
- Lab 04: Web Server Log Analysis
Module 9: Security Considerations: Hybrid Environments
- AWS Site-to-Site and Client VPN connections
- AWS Direct Connect
- AWS Transit Gateway
Module 10: Out-Of-Region Protection
- Amazon Route 53
- AWS WAF
- Amazon CloudFront
- AWS Shield
- AWS Firewall Manager
- DDoS mitigation on AWS
Module 11: Security Considerations: Serverless Environments
- Amazon Cognito
- Amazon API Gateway
- AWS Lambda
Module 12: Threat Detection and Investigation
- Amazon GuardDuty
- AWS Security Hub
- Amazon Detective
Module 13: Secrets Management on AWS
- AWS KMS
- AWS CloudHSM
- AWS Secrets Manager
- Lab 05: Using AWS KMS
Module 14: Automation and Security by Design
- AWS CloudFormation
- AWS Service Catalog
- Lab 06: Security automation on AWS with AWS Service Catalog
Module 15: Account Management and Provisioning on AWS
- AWS Organizations
- AWS Control Tower
- AWS SSO
- AWS Directory Service
- Lab 07: Federated Access with ADFS
Why choose Cloud Wizard
- Advanced Tier Training Partner
- Amazon Authorised Instructors
- Official AWS Content
- Hands-on Labs
Class Deliverables
- E-Content kit by AWS
- Hands-on labs
- Class completion certificates
- Exam Prep sessions
Dates Available
Choose a date that works for you and click on Book Now to proceed with your registration.
| Method | Duration | Start Time | Start date | Price | Action |
|---|---|---|---|---|---|
| Classroom | 3 days | All Day | May 8, 2024 | ₹45,000 | |
| Classroom | 3 days | All Day | May 22, 2024 | ₹45,000 | |
| Classroom | 3 days | All Day | June 12, 2024 | ₹45,000 | |
| Classroom | 3 days | All Day | June 26, 2024 | ₹45,000 |
Don't see a date that works for you?
Fill in the form below to let us know.
Related courses
Related products
-
AWS Training
Amazon SageMaker Studio for Data Scientists
This course helps experienced data scientists build, train, and deploy ML models for any use case with fully managed infrastructure, tools, and workflows to reduce training time from hours to minutes with optimized infrastructure and at the end of the course, you’ll practice building an end-to-end tabular data ML project using SageMaker Studio and the SageMaker Python SDK.
-
AWS Training
Planning and Designing Databases on AWS
Both relational and non-relational databases’ planning and design processes will be covered in this Planning and designing Databases on AWS course. You will learn about design factors for databases hosted on Amazon Elastic Compute Cloud (AmazonEC2).
-
AWS Training
AWS Cloud for Finance Professionals
This course is aimed at enterprise level financial stakeholders who need to learn to manage, optimize and plan the organization’s cloud spend. You will learn to be more accountable and price conscious from an expert AWS Instructor. The course runs for two days and is focused on learning to innovate within your financial organization
As part of the course, you’ll learn to define cloud business models, estimate costs associated with your AWS account with the existing and future workloads. Tools used for reporting, monitoring, allocating, optimizing and planning AWS spending through pricing models on AWS Cloud shall also be covered.
If you are a Financial Stakeholder in an organization who wants to learn how to maximize cloud business value and use CFM best practices and to help the finance teams to innovate with AWS, this course is ideal for you. It is delivered by an Amazon Authorized Instructor with a mix of presentation, theory and knowledge checks.
-
AWS Training
AWS Technical Essentials
This introductory course is designed to teach you AWS products, services and common solutions. You will understand the basics of identifying appropriate AWS services to make conscious decisions based on your business requirements
You will learn several terms and concepts related to the AWS Cloud along with navigating the AWS Management console, AWS Security measures and AWS Identity and Access Management
If you work with customers to share the technical benefits of the AWS Cloud with them, this course is for you. SysOps administrators, Solution Architects and developers along with Individuals who are keen to learn the AWS cloud can also join. The course is delivered by AWS Instructors with a mix of theoretical and practical exercises
