Security Engineering on AWS
Security is a concern for both customers in the cloud, and those considering cloud adoption. An increase in cyberattacks and data leaks remains top of mind for most industry personnel. The Security Engineering on AWS course addresses these concerns by helping you better understand how to interact and build with Amazon Web Services (AWS) in a secure way. In this course, you will learn about managing identities and roles, managing and provisioning accounts, and monitoring API activity for anomalies. You will also learn about how to protect data stored on AWS. The course explores how you can generate, collect, and monitor logs to help identify security incidents. Finally, you will review detecting and investigating security incidents with AWS services.
What you will learn
- State an understanding of AWS cloud security based on the CIA triad.
- Create and analyze authentication and authorizations with IAM.
- Manage and provision accounts on AWS with appropriate AWS services.
- Identify how to manage secrets using AWS services.
- Monitor sensitive information and protect data via encryption and access controls.
- Identify AWS services that address attacks from external sources.
- Monitor, generate, and collect logs.
- Identify indicators of security incidents.
- Identify how to investigate threats and mitigate using AWS services.
Prerequisites
- Completed the following courses: AWS Security Essentials (Classroom training) or AWS Security Fundamentals (Second Edition) (digital) and Architecting on AWS (Classroom Training)
- Working knowledge of IT security practices and infrastructure concepts.
- Familiarity with the AWS Cloud.
Target audience
- Security engineers, Security architects, Cloud architects, Cloud operators working across all global segments.
Training Program
8 modules to master the fundamentals
Topics covered
- →Explain Security in the AWS Cloud.
- →Explain AWS Shared Responsibility Model.
- →Summarize IAM, Data Protection, and Threat Detection and Response.
- →State the different ways to interact with AWS using the console, CLI, and SDKs.
- →Describe how to use MFA for extra protection.
- →State how to protect the root user account and access keys.
Topics covered
- →Describe how to use multi-factor authentication (MFA) for extra protection.
- →Describe how to protect the root user account and access keys.
- →Describe IAM policies, roles, policy components, and permission boundaries.
- →Explain how API requests can be logged and viewed using AWS CloudTrail and how to view and analyze access history.
Activities
Hands-On Lab: Using Identity and Resource Based Policies.
Topics covered
- →Explain how to manage multiple AWS accounts using AWS Organizations and AWS Control Tower.
- →Explain how to implement multi-account environments with AWS Control Tower.
- →Demonstrate the ability to use identity providers and brokers to acquire access to AWS services.
- →Explain the use of AWS IAM Identity Center (successor to AWS Single Sign-On) and AWS Directory Service.
- →Demonstrate the ability to manage domain user access with Directory Service and IAM Identity Center.
Activities
Hands-On Lab: Managing Domain User Access with AWS Directory Service
Topics covered
- →Describe and list the features of AWS KMS, CloudHSM, AWS Certificate Manager (ACM), and AWS Secrets Manager.
- →Demonstrate how to create a multi-Region AWS KMS key.
- →Demonstrate how to encrypt a Secrets Manager secret with an AWS KMS key.
- →Demonstrate how to use an encrypted secret to connect to an Amazon Relational Database Service (Amazon RDS) database in multiple AWS Regions
Activities
Hands-on lab: Lab 3: Using AWS KMS to Encrypt Secrets in Secrets Manager
Topics covered
- →Monitor data for sensitive information with Amazon Macie.
- →Describe how to protect data at rest through encryption and access controls.
- →Identify AWS services used to replicate data for protection.
- →Determine how to protect data after it has been archived.
Activities
Hands-on lab: Lab 4: Data Security in Amazon S3
Topics covered
- →Describe the AWS features used to build secure infrastructure.
- →Describe the AWS services used to create resiliency during an attack.
- →Identify the AWS services used to protect workloads from external threats.
- →Compare the features of AWS Shield and AWS Shield Advanced.
- →Explain how centralized deployment for AWS Firewall Manager can enhance security.
Activities
Hands-on lab: Lab 5: Using AWS WAF to Mitigate Malicious Traffic
Topics covered
- →Identify the value of generating and collecting logs.
- →Use Amazon Virtual Private Cloud (Amazon VPC) Flow Logs to monitor for security events.
- →Explain how to monitor for baseline deviations.
- →Describe Amazon EventBridge events.
- →Describe Amazon CloudWatch metrics and alarms.
- →List log analysis options and available techniques.
- →Identify use cases for using virtual private cloud (VPC) Traffic Mirroring.
Activities
Hands-on lab: Lab 6: Monitoring for and Responding to Security Incidents
Topics covered
- →Classify incident types in incident response.
- →Understand incident response workflows.
- →Discover sources of information for incident response using AWS services.
- →Understand how to prepare for incidents.
- →Detect threats using AWS services.
- →Analyze and respond to security findings.
Activities
Hands-on lab: Lab 7: Incident Response
Quality Process
SFEIR Institute's commitment: an excellence approach to ensure the quality and success of all our training programs. Learn more about our quality approach
- Lectures / Theoretical Slides — Presentation of concepts using visual aids (PowerPoint, PDF).
- Technical Demonstration (Demos) — The instructor performs a task or procedure while students observe.
- Guided Labs — Guided practical exercises on software, hardware, or technical environments.
The achievement of training objectives is evaluated at multiple levels to ensure quality:
- Continuous Knowledge Assessment : Verification of knowledge throughout the training via participatory methods (quizzes, practical exercises, case studies) under instructor supervision.
- Progress Measurement : Comparative self-assessment system including an initial diagnostic to determine the starting level, followed by a final evaluation to validate skills development.
- Quality Evaluation : End-of-session satisfaction questionnaire to measure the relevance and effectiveness of the training as perceived by participants.
Train multiple employees
- Volume discounts (multiple seats)
- Private or custom session
- On-site or remote