Security Engineering on AWS

AWS Training

Course ID: AWSSEC

Duration: 3 Days

Training Fee: HK$12,600

Overview

This course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services.

You will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents.

For private classes, please contact us at (852) 2116 3328 for more details.

TC_APN_training-partner

Course Objectives

This course allows you to:

  • Assimilate and leverage the AWS shared security responsibility model
  • Manage user identity and access management in the AWS cloud
  • Use AWS security services such as AWS Identity and Access Management, Amazon Virtual Private Cloud, AWS Config, AWS CloudTrail, AWS Key Management Service, AWS CloudHSM, and AWS Trusted Advisor
  • Implement better security controls for your resources in the AWS cloud
  • Manage and audit your AWS resources from a security perspective
  • Monitor and log access and usage of AWS compute, storage, networking, and database services
  • Assimilate and leverage the AWS shared compliance responsibility model
  • Identify AWS services and tools to help automate, monitor, and manage security operations on AWS
  • Perform security incident management in the AWS cloud

Prerequisites

We recommend that attendees of this course have the following prerequisites:

  • Attended AWS Security Fundamentals
  • Experience with governance, risk, and compliance regulations and control objectives
  • Working knowledge of IT security practices
  • Working knowledge of IT infrastructure concepts
  • Familiarity with cloud computing concepts

Intended Audience

This course is intended for:

  • Security engineers
  • Security architects
  • Security analysts
  • Security auditors
  • Individuals who are responsible for governing, auditing, and testing an organization’s IT infrastructure, and ensuring conformity of the infrastructure to security, risk, and compliance guidelines

Delivery Method

This course will be delivered through a mix of:

  • Instructor-Led Training (ILT)
  • Hands-On Labs

Hands-on Activity

  • This course allows you to test new skills and apply knowledge to your working environment through a variety of practical exercises

Course Outline

This course will cover the following concepts:

Day 1

  • Module 1: Introduction to Cloud Security
  • Module 2: Cloud Aware Governance and Compliance
  • Module 3: Identity and Access Management
  • Lab 1: Using AWS IAM
  • Module 4: Securing AWS Infrastructure Services – Part 1
  • Lab 2: Creating a virtual private cloud

Day 2

  • Module 5: Securing AWS Infrastructure Services – Part 2
  • Module 6: Securing AWS Container Services – Part 1
  • Module 6: Securing AWS Container Services – Part 2
  • Lab 3: Using RDS security groups
  • Module 7: Securing AWS Abstracted Services
  • Lab 4: Securing Amazon S3 buckets
  • Module 8: Using AWS Security Services – Part 1
  • Lab 5: Capturing logs

Day 3

  • Module 9: Using AWS Security Products – Part 2
  • Lab 6: Using AWS Config
  • Lab 7: Using AWS Service Catalog
  • Module 10: Data Protection in the AWS Cloud
  • Module 11: Building Compliant Workloads on AWS – Case Studies
  • Module 12: Security Incident Management in the Cloud

Examination Detail

AWS Certified Security Specialty

Security Operations on AWS and Advanced Architecting on AWS will assist in exam preparation of AWS Certified Security Specialty.

Test item formats used in this examination are:

  • Multiple-choice: Has one correct response and three incorrect responses (distractors)
  • Multiple-response: Has two or more correct responses out of five or more options