Course Outline
PREREQUISITES:
- Basic Networking Knowledge
- AWS Basic knowledge
- Firewall basic knowledge
- It would be great if you completed AWS 3 in 1 course of Shedil
- Multiple Firewall
- Encryption Technique
- CCNA level knowledge Architectures
INTRODUCTION TO CLOUD SECURITY:
- Security intro (Add Security domain & Topics)
- Security in AWS
- Secure global infrastructure and compliance
- shared responsibility and trusted advisor
MANAGEMENT AND GOVERNANCE:
- AWS Audit Manager
- AWS Cloud Trail
- Amazon Cloud Watch
- AWS Config
- AWS Organizations
- AWS Systems Manager
- AWS Trusted Advisor
NETWORKING AND CONTENT DELIVERY:
- Amazon Detective
- AWS Firewall Manager
- AWS Network Firewall
- AWS Security Hub
- Amazon VPC
- VPC endpoints
- Network ACLs
- Security groups
- AWS WAF & Shield
SECURITY, IDENTITY, AND COMPLIANCE:
- AWS Certificate Manager (ACM)
- AWS CloudHSM
- AWS Directory Service
- Amazon GuardDuty
- AWS Identity and Access Management (IAM)
- Amazon Inspector
- AWS Key Management Service (AWS KMS)
- Amazon Macie
- AWS Single Sign-On
OTHER TOPICS COVERED IN EXAM:
- AWS CLI
- AWS SDK
- AWS Management Console
- Network analysis tools (packet capture and flow captures)
- SSH/RDP
- Signature Version 4
- TLS
- Infrastructure as code (IaC)
- Some demo & Final projects
LAB:
- Cloudtrail with S3 with Athena
- Install CloudWatch Logs Agent on EC2 Instance and View CloudWatch Metrics
- Check the Compliance status of Security group using AWS Config
- AWS Organization & SSO (Demo)
- Access EC2 from Session manager and send SSH logs to CloudWatch
- Check AWS Resources in Trusted Advisor
- Understanding and Configuring Layered Security in an AWS VPC
- Understanding Stateful vs Stateless Firewalls
- How to setup an AWS Site-to-Site (S2S) VPN Connection
- How to implement end to end VPC Endpoint service
- Understanding Lambda@Edge
- Implementing AWS WAF with ALB to block SQL Injection, Geo Location and Query string
- Blocking web traffic with WAF in AWS
- Create AWS public Certificate on sherdilitacademy.net & Use on Load balancer with Apache
- AWS Directory Service – Working with Simple AD
- Work with AWS Guard duty
- Create users, groups, MFA, JSOn policies
- Find vulnerabilities on EC2 instance using Amazon Inspector
- KMS & CMK encryption & Decryption
- Discover sensitive data present in S3 bucket using Amazon Macie
- Lab cover in AWS Organization
- Working with cloud shell
- Working with cloud SDK
- Virtual tour
- Cloud formation deployment