Security Engineering on AWS - ENGLISH - AWSS04-E


Security Engineering on AWS demonstrates how to efficiently use AWS security services to stay secure and compliant in the AWS Cloud. The course focuses on the AWS-recommended security best practices that you can implement to enhance the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services.
This course also refers to the common security control objectives and regulatory compliance standards and examines use cases for running regulated workloads on AWS across different verticals, globally. You will also learn how to leverage AWS services and tools for automation and continuous monitoring—taking your security operations to the next level.

.... Course Description

error_outline Wichtige Information

This course is held in English!

expand_more chevron_right Zielgruppe

  • Security engineers
  • Security architects
  • Security analysts
  • Security auditors
  • Individuals who are responsible for governing, auditing, and testing an organization’s IT infrastructure, and ensuring conformity of the infrastructure to security, risk, and compliance guidelines

    expand_more chevron_right Vorkenntnisse

    • Attended AWS Security Fundamentals
    • Attended AWS Security Essentials
    • Attended Architecting on AWS
    • Experience with governance, risk, and compliance regulations and control objectives
    • Working knowledge of IT security practices
    • Working knowledge of IT infrastructure concepts
    • Familiarity with cloud computing concepts

    expand_more chevron_right Detail-Inhalte

    Day 1
    Module 1: Security on AWS 
    Security in the AWS cloud 
    AWS Shared Responsibility Model
    Incident response overview 
    DevOps with Security Engineering
    Module 2: Identifying Entry Points on AWS
    Identify the different ways to access the AWS platform 
    Understanding IAM policies 
    IAM Permissions Boundary
    IAM Access Analyzer 
    Multi-factor authentication 
    AWS CloudTrail
    Lab 01: Cross-account access
    Module 3: Security Considerations: Web Application Environments 
    Threats in a three-tier architecture
    Common threats: user access
    Common threats: data access 
    AWS Trusted Advisor
    Module 4: Application Security
    Amazon Machine Images
    Amazon Inspectors
    AWS Systems Manager
    Lab 02: Using AWS Systems Manager and Amazon Inspector
    Module 5: Data Security
    Data protection strategies 
    Encryption on AWS 
    Protecting data at rest with Amazon S3, Amazon RDS, Amazon DynamoDB 
    Protecting archived data with Amazon S3 Glacier
    Amazon S3 Access Analyzer
    Amazon S3 Access Points
    Day 2
    Module 6: Securing Network Communications 
    Amazon VPC security considerations 
    Amazon VPC Traffic Mirroring 
    Responding to compromised instances
    Elastic Load Balancing 
    AWS Certificate Manager
    Module 7: Monitoring and Collecting Logs on AWS
    Amazon CloudWatch and CloudWatch Logs
    AWS Config
    Amazon Macie
    Amazon VPC Flow Logs 
    Amazon S3 Server Access Logs
    ELB Access Logs
    Lab 03: Monitor and Respond with AWS Config
    Module 8: Processing Logs on AWS 
    Amazon Kinesis
    Amazon Athena
    Lab 04: Web Server Log Analysis
    Module 9: Security Considerations: Hybrid Environments 
    AWS Site-to-Site and Client VPN connections 
    AWS Direct Connect
    AWS Transit Gateway
    Module 10: Out-Of-Region Protection 
    Amazon Route 53
    AWS WAF 
    Amazon CloudFront 
    AWS Shield
    AWS Firewall Manager
    DDoS mitigation on AWS
    Day 3
    Module 11: Security Considerations: Serverless Environments 
    Amazon Cognito
    Amazon API Gateway 
    AWS Lambda
    Module 12: Threat Detection and Investigation
    Amazon GuardDuty
    AWS Security Hub 
    Amazon Detective
    Module 13: Secrets Management on AWS
    AWS CloudHSM
    AWS Secrets Manager 
    Lab 05: Using AWS KMS
    Module 14: Automation and Security by Design
    AWS CloudFormation
    AWS Service Catalog 
    Lab 06: Security automation on AWS with AWS Service Catalog
    Module 15: Account Management and Provisioning on AWS
    AWS Organizations
    AWS Control Tower
    AWS Directory Service
    Lab 07: Federated Access with ADFS


      Durch Angabe Ihrer E-Mail-Adresse und Anklicken des Buttons „Newsletter abonnieren“ erklären Sie sich damit einverstanden, dass ETC Ihnen regelmäßig Informationen zu IT Seminaren und weiteren Trainings- und Weiterbildungsthemen zusendet. Die Einwilligung kann jederzeit bei ETC widerrufen werden.