Master cloud security with AWS! Learn to secure infrastructure, manage identity & access, detect threats, and ensure compliance. Perfect for cloud professionals aiming to specialize in security.
The AWS Security course, a vital component of Amazon Web Services (AWS) educational offerings, explores the realm of trustworthy, cost-effective, and scalable Cloud Computing Services. Tailored for those seeking a specialized focus on security, the AWS Security training encompasses a diverse mix of the AWS ecosystem. The AWS Security certification equips participants with the knowledge and skills to fortify cloud environments against evolving threats. Whether you are an IT professional or security enthusiast, the AWS Security program offers a deep dive into securing AWS applications and infrastructure, ensuring robust protection within the dynamic landscape of cloud computing.
Eligibility
Graduation
Basic understanding of the IT industry
Basic understanding of Amazon
Understanding of Cloud Services
Fundamental knowledge of Infrastructure management and building
Incident Response
Evaluate compromised instances/exposed access keys in the AWS abuse notice
Securely isolate instance as part of EC2 instance
Verify breach in logs relevant to the reported instance
Capture a memory dump from a suspected instance
Verify relevant AWS services in the Incident Response Plan
Determine changes in the baseline security configuration
Determine omitted services by list
Services to remediate gaps
Evaluate the configuration of automated alerting
Automate evaluation of conformance with rules
Rule-based alerts for common infrastructure misconfigurations
Review previous security incidents
Logging and Monitoring
Implement security monitoring and alerting
Analyze architecture and identify monitoring needs
AWS services to automate monitoring and alerting
Custom application monitoring
Set up automated tools for audits
Troubleshoot security monitoring and alerting
Analyze the service functionality and configuration of an event without alerting
Analyze the permissions and remediate
Analyze the configuration of a custom application and remediate
Review audit trails of the system and user activity
Design and Implement a Logging Solution
Analyze architecture and identify logging requirements and sources
Log ingestion
Implement secure log storage
Automate log ingestion by analyzing the architecture
Troubleshoot logging solutions
Determine the incorrect configuration in the absence of logs
Define remediation steps
Analyze logging access permission
Determine incorrect configuration and remediate
Determine the correct log level, type, and sources
Infrastructure Security
Design edge security on AWS
Assess and limit the attack surface for a workload
Reduce blast radius
AWS edge services to protect against DDoS/filter app-level attacks
WAF, CloudFront, Route 53
Evaluate the mechanisms to prevent and detect intrusions
Test WAF rules to block malicious traffic
Design and implement secure network infrastructure
Disable any unnecessary network ports and protocols
Evaluate the security groups for a set of edge protection requirements
Evaluate NACLs of an application for compliance
Recommend required changes
Decide on network segmentation (e.g. security groups and NACLs) allowing minimum ingress/egress access
Determine the use case for VPN or Direct Connect
Determine the use case for enabling VPC Flow Logs
Analyze the use of subnets given a network infrastructure for a VPC
Analyze gateways for secure operation
Troubleshoot a secure network infrastructure
Determine where network traffic flow is being denied; confirm security groups and NACLs in a configuration
Design and implement host-based security
Install and configure host-based protections (Inspector, SSM)
Using host-based firewalls like iptables
Methods for host hardening and monitoring
Identity and Access Management
Scalable authorization/authentication system to access AWS resources
Analyze the access control configuration for the AWS services workload
Reduce risk and verify the security of root users in an organization
Determine when to apply user policies and resource policies
Federate directory services to IAM within the organization’s policy
Design a scalable authorization model (users, groups, roles, and policies)
Restrict individual users of data and AWS resources
Enforce proper separation of duties
Troubleshoot an authorization and authentication system to access AWS resources
Investigate a user’s inability to access S3 bucket contents
Investigate a user’s inability to switch roles to a different account
Investigate an Amazon EC2 instance’s inability to access a given AWS resource
Data Protection
Design and implement key management and use
Determine an appropriate key management solution to evaluate key usage for data protection
Control the blast radius of a key compromise event
Design a solution
Troubleshoot key management
The difference between a KMS key grant and an IAM policy
Deduce the precedence given to different conflicting policies for a key
Revoke permissions for a user or service in the event of a compromise
Having 12+ years of experience in the IT industry, your favourite mentor, Atul Sharma, is a Network Engineer and the founder of Network Kings who began his IT journey merely through a YouTube channel in 2013 and focussed on his vision to produce Engineers worldwide. He has worked with Aricent, TCS, Apple, and Juniper.
Placement Guarantee / Support
Unlock job opportunities with our placement assistance, job referrals, and interview scheduling.
Practice-based lessons
Immerse yourself in hands-on learning through our practice-based lessons, designed to provide practical skills and real-world insights.
20% discount for other courses
Get a 20% discount on additional courses! Expand your skills and knowledge affordably. Enroll now for more learning opportunities.
Quarterly updates
Our mentors review the course syllabus once a quarter, and once you have lifetime access you’ll also be able to see those updates.
