Overview
Course Instructor: Dennis Chow
Course Outline
01. Introduction to Amazon AWS Security
- Amazon Security basics
- AWS Security and compliance
02. Associate Level Review
- Global infrastructure review
- Elastic Compute Cloud (EC2)
- Lambda
- VPC review
- S3 review
- EC2 load balancers
03. Services Review
- IAM review
- KMS
- CloudWatch, CloudTrail, and Config
- Firewall
- More security and Identity Services
04. Incident Response
- Incident Response
- Steps for installing Inspector Agent and SSM Agent
- Configuring alarms
05. Identity and Access Management
- Policy evaluation order
- IAM users and rules
- Best practices for IAM users and account security
- Cross-account access
- AWS Organizations
- SCP guard rails
- Account security status
- AWS Cognito and web identity federation
06. Infrastructure Security
- VPCs
- Setting up VPCs
- Network Access Control Lists (NACLs)
- VPC peering
- VPC endpoints
- VPC endpoint policies
- Systems Manager setup
- AWS Systems Manager patch management
- AWS Systems Manager Parameter Store
- AWS Systems Manager Run Command
- Amazon Inspector
- AWS load balancers
- Security with AWS CloudFront
- AWS Trusted Advisor
- Web application firewall
- AWS Shield
- AWS GuardDuty
- Amazon Macie
- AWS Artifact
- AWS Network Firewall
- AWS Lambda security
- Penetration testing
07. Logging and Monitoring
- Cloud monitoring tools
- Working with CloudWatch
- Working with Simple Storage Service (S3)
- Working with CloudTrail
- CloudTrail cross-account logging
- Working with CloudWatch
- AWS Config and conformance packs
- VPC Flow Logs and AWS Athena
08. Data Protection
- S3 Overview
- IAM policies, bucket policies, and ACLs
- S3 encryption
- S3 pre-signed URL
- S3 cross-region replication
- Amazon S3 access tiering and Glacier
- KMS overview and operations
- AWS KMS key policies and grants
- Using KMS with S3 and EBS
- Using VPC endpoints with KMS
- Deleting customer KMS keys
- CloudHSM
- EC2 encryption with key pairs
- Using Certificate Manager with CloudFront
Skills Learned
After completing this online training course, students will be able to:
- Identify security benefits and responsibilities of using the AWS Cloud
- Describe the access control and management features of AWS
- Understand the different methods to secure data
- Describe how to secure network access to your AWS resources
- Determine which AWS services can be used for monitoring and incident response