Description

This is a two-day specialty course that deep dives into Advanced Security services of AWS and enhances knowledge of AWS security-related services. This training is focused on “AWS Security – Specialty” Certification, with hands-on labs for simulation of security-related use cases. AWS Security certification validates an examinee’s ability to effectively demonstrate knowledge about securing the AWS platform.

Highlights of this course:

• An understanding of data classifications and data protection mechanisms
• An understanding of data-encryption methods and mechanisms to implement them on AWS platform
• Working knowledge of AWS security services and features of services to provide a secure production environment
• The ability to make trade-off decisions with regard to cost, efficiency, security and deployment complexity given a set of application requirements.
• An understanding of security operations and risk management

Objectives

• To gain deep understanding of AWS security technologies
• Implement  data-encryption methods and mechanisms on AWS platform
• Choose appropriate security services for workloads
• Deep understanding of various protocols, logging standards and IAM management.
• Design edge security and implement a secure network infrastructure
• Design and implement a scalable authorization and authentication system to access AWS resources
• Design and implement security monitoring and alerting
• Be able to understand Data security, cost and performance objectives
• Be able to understand various real-time use cases, best practice and n/w design patterns

Who Should Attend

• Solutions Architects
• Security Analysts
• SysOps Administrators
• DevOps Engineers

Prerequisites

• Should have attended AWS – Level 2 and AWS – Level 3 course (Mandatory) from CloudThat Technologies
• Should have a basic understanding of security and internet protocols

Course Outline

Day – 1

• Security Fundamentals
• Incident Response
  • Given an AWS Abuse Notice, Evaluate the Suspected Compromised Instance or Exposed Access Keys
  • Verify That the Incident Response Plan Includes Relevant AWS Services
  • Evaluate the Configuration of Automated Alerting and Execute Possible Remediation of Security-Related Incidents and Emerging Issues
• Logging and Monitoring
  • Design and Implement Security Monitoring and Alerting
  • Troubleshoot Security Monitoring and Alerting
  • Hands-on Lab
• Infrastructure Security
  • Design Edge Security on AWS
  • Design and Implement a Secure Network Infrastructure
  • Troubleshoot a Secure Network Infrastructure
  • Design and Implement Host-based Security
  • Hands-on Lab

Day – 2

• Identity and Access Management
  • IAM Policies
  • Permission Boundaries and Policy Evaluation
  • Resource Policies – S3 Bucket Policy
  • KMS Key Policies
  • Identity Federation
  • Cross Account Access
  • Role and STS Integration
  • Single Sign-on Integration
  • Troubleshoot an Authorization and Authentication System to Access AWS Resource
  • Hands-on on Lab
• Data Protection
  • Key Management System (KMS)
  • KMS in a Multi-Account Configuration
  • CloudHSM Security and Monitoring
  • Troubleshoot KMS Permission and Access
  • Data At Rest – using KMS
  • S3 Client-side Encryption
  • Data in Transit – ACM
  • Data Compliance and Regulation
  • Hands-on Lab

About The Trainer

The trainer will be a certified AWS Professional

Other Details

Questions?

For latest batch dates, fees, location, technical queries and general inquiries, contact our sales team at: +91 8880002200 or email at sales@cloudthat.in