Securing Amazon Web Services

Overview

Duration: 2 days
CPE Credits: 14
Course Number: SEC-316
Intrinsec Security - Logo (Graphic)

Securing Amazon Web Services is a two day, 14 CPE training seminar offered to you by Intrinsec Security.

Course Introduction

The Securing Amazon Web Services course is a professional development training seminar designed to equip students and enterprises with the professional ability to properly and securely utilize Amazon Web Services (AWS). Those who register for the Securing Amazon Web Services training seminar will examine the various available security offerings within AWS, their purposes and finally, implementation of controls within their cloud environment.

This course provides students with a heavy dosage of lectures, group discussions, and practical exercises; all of which were developed into the course to ensure students have a few different opportunities to absorb key messages and learning objectives. Successful students of this course will leave our training with the knowledge and skills to properly implement security within an AWS infrastructure.

Course Prerequisites

While any interested student can attend our Securing Amazon Web Services program, this course is not intended for beginners. We recommend for all prospective students to have networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating subjects such as OS X, Unix, or Linux.

What You Will Learn

This course has a total of nine domains designed to instruct students on how to properly utilize Amazon Web Services (SAWS) in a secure manner.

Domain 1: Identity and Access Management

Domain 1: Identity and Access Management

In the first domain of this course, you will learn about the following subjects:

  • Amazon Web Services (AWS) Identity and Access Management
  • Root Account Security
  • Best Practices for Multi-Factor Authentication
  • IAM User Accounts
  • Auditing Accounts and Permissions
  • Server Roles
  • IAM Policy Development
Domain 2: Encryption at Rest

Domain 2: Encryption at Rest

In the second domain of this course, you will learn about the following subjects:

  • Options for Encryption of Data at Rest
  • Provider Managed Encryption
  • Customer Managed Encryption
Domain 3: Network Security

Domain 3: Network Security

In the third domain of this course, you will learn about the following subjects:

  • Security Groups + Network Access Control List (NACL)
  • Security Group Features and Limitations
Domain 4: Infrastructure Security

Domain 4: Infrastructure Security

Infrastructure Security is the fourth domain reviewed in this course and it focuses on the following subjects:

  • Managing AWS Security
  • Using APIs (Application Programming Interface) to Secure your AWS Implementation
  • Securing AWS Infrastructure using CLI (Command-Line Interface) Tools
  • API and CLI Scripting
  • API Security
Domain 5: Instance Security

Domain 5: Instance Security

In the fifth domain of this course, Instance Security, you will learn about the following subjects:

  • Instance Security
  • Patch Management of Cloud Servers
  • Host-Based vs. Network Based Controls
Domain 6: Logging & Monitoring

Domain 6: Logging & Monitoring

Logging and Monitoring is the sixth domain featured in this course, and you can expect to learn about the following subjects:

  • Assessing with Cloudtrail and Cloud Watch
  • Integrating Cloudtrail with SIEM
Domain 7: Incident Response

Domain 7: Incident Response

In the seventh domain of this course you will learn about the following subjects:

  • Incident Response (IR) in AWS
  • Implementing IR Best Practices
Domain 8: Availability

Domain 8: Availability

Availability is the eighth domain focused on during this course. Students can expect to learn about the following subjects:

  • High Availability in AWS
  • Leveraging Availability Zones and Regions for High Availability
  • Implementing Elastic Load Balancing
Domain 9: Virtual Private Cloud Architecture

Domain 9: Virtual Private Cloud Architecture

Virtual Private Cloud Architecture is the ninth and final domain featured in this course. You can expect to learn about the following subjects in this domain:

  • Scaling Services Using AWS Tools
  • Security Service Enhancements Available in Virtual Private Cloud (VPC)
  • Architecting Secure Development Enclaves using VPC’s
  • Architecting VPC Networks
  • Creating Secure Datacenter Extensions

Why Yes, We Do Provide Group Training!

We have multiple options for you to lower costs and get more of your people trained.

Schedule

No public dates are currently scheduled. Request Group Training!

 

Request Group Training