Course Outline

PREREQUISITES:

  • Basic Networking Knowledge
  • AWS Basic knowledge
  • Firewall basic knowledge
  • It would be great if you completed AWS 3 in 1 course of Shedil
  • Multiple Firewall
  • Encryption Technique
  • CCNA  level knowledge Architectures

INTRODUCTION TO CLOUD SECURITY:

  • Security intro (Add Security domain & Topics)
  • Security in AWS
  • Secure global infrastructure and compliance
  • shared responsibility and trusted advisor

MANAGEMENT AND GOVERNANCE:

  • AWS Audit Manager
  • AWS Cloud Trail
  • Amazon Cloud Watch
  • AWS Config
  • AWS Organizations
  • AWS Systems Manager
  • AWS Trusted Advisor

NETWORKING AND CONTENT DELIVERY:

  • Amazon Detective
  • AWS Firewall Manager
  • AWS Network Firewall
  • AWS Security Hub
  • Amazon VPC
    • VPC endpoints
    • Network ACLs
    • Security groups
  • AWS WAF & Shield

SECURITY, IDENTITY, AND COMPLIANCE:

  • AWS Certificate Manager (ACM)
  • AWS CloudHSM
  • AWS Directory Service
  • Amazon GuardDuty
  • AWS Identity and Access Management (IAM)
  • Amazon Inspector
  • AWS Key Management Service (AWS KMS)
  • Amazon Macie
  • AWS Single Sign-On

OTHER TOPICS COVERED IN EXAM:

  • AWS CLI
  • AWS SDK
  • AWS Management Console
  • Network analysis tools (packet capture and flow captures)
  • SSH/RDP
  • Signature Version 4
  • TLS
  • Infrastructure as code (IaC)
  • Some demo & Final projects

LAB:

  • Cloudtrail with S3 with Athena
  • Install CloudWatch Logs Agent on EC2 Instance and View CloudWatch Metrics
  • Check the Compliance status of Security group using AWS Config
  • AWS Organization & SSO (Demo)
  • Access EC2 from Session manager and send SSH logs to CloudWatch
  • Check AWS Resources in Trusted Advisor
  • Understanding and Configuring Layered Security in an AWS VPC
  • Understanding Stateful vs Stateless Firewalls
  • How to setup an AWS Site-to-Site (S2S) VPN Connection
  • How to implement end to end VPC Endpoint service
  • Understanding Lambda@Edge
  • Implementing AWS WAF with ALB to block SQL Injection, Geo Location and Query string
  • Blocking web traffic with WAF in AWS
  • Create AWS public Certificate on sherdilitacademy.net & Use on Load balancer with Apache
  • AWS Directory Service – Working with Simple AD
  • Work with AWS Guard duty
  • Create users, groups, MFA, JSOn policies
  • Find vulnerabilities on EC2 instance using Amazon Inspector
  • KMS & CMK encryption & Decryption
  • Discover sensitive data present in S3 bucket using Amazon Macie
  • Lab cover in AWS Organization
  • Working with cloud shell
  • Working with cloud SDK
  • Virtual tour
  • Cloud formation deployment