.svg)
.svg)
.svg)
Machine Learning Engineer
Day 1
Module 1: Security on AWS
- Security in the AWS Cloud
- AWS model of shared responsibility
- Overview of the response to incidents
- DevOps with security technology
Module 2: Identification of entry points in AWS
- Identify the different access options to the AWS platform
- Understanding IAM guidelines
- IAM authorization limit
- IAM access analyzer
- Multi-factor authentication
- AWS CloudTrail
- Exercise 01: Cross-account access
Module 3: Security considerations: Web application environments
- Threats in a three-tier architecture
- Common threats: User access
- Common threats: Data access
- AWS Trusted Advisor
Module 4: Application security
- Amazon Machine Images
- Amazon Inspector
- AWS Systems Manager
- Exercise 02: Using AWS Systems Manager and Amazon Inspector
Module 5: Data security
- Strategies for protecting data
- Encryption on AWS
- Protection of data at rest with Amazon S3, Amazon RDS, Amazon DynamoDB
- Protection of archived data with Amazon S3 Glacier
- Amazon S3 Access Analyzer
- Amazon S3 access points
Day 2
Module 6: Securing network communication
- Amazon VPC security considerations
- Amazon VPC traffic mirroring
- Responding to vulnerable instances
- Elastic load compensation
- AWS Certificate Manager
Module 7: Monitoring and recording logs on AWS
- Amazon CloudWatch and CloudWatch protocols
- AWS configuration
- Amazon Macie
- Amazon VPC flow protocols
- Amazon S3 server access protocols
- ELB access logs
- Exercise 03: Monitoring and reacting with AWS Config
Module 8: Processing logs on AWS
- Amazon Kinesis
- Amazon Athena
- Exercise 04: Web server protocol analysis
Module 9: Security considerations: Hybrid Environments
- AWS site-to-site and client VPN connections
- AWS direct connection
- AWS Transit Gateway
Module 10: Out-of-region protection
- Amazon Route 53
- AWS WAF
- Amazon CloudFront
- AWS protective shield
- AWS Firewall Manager
- DDoS defense on AWS
Day 3
Module 11: Security Considerations: Serverless Environments
- Amazon Cognito
- Amazon API Gateway
- AWS Lambda
Module 12: Detection and investigation of threats
- Amazon GuardDuty
- AWS Security Hub
- Amazon Detective
Module 13: Management of secrets in AWS
- AWS KMS
- AWS CloudHSM
- AWS Secret Manager
- Exercise 05: Using AWS KMS
Module 14: Automation and safety by design
- AWS CloudFormation
- AWS Service Catalog
- Exercise 06: Security automation on AWS with AWS Service Catalog
Module 15: Account management and provisioning in AWS
- AWS organizations
- AWS control tower
- AWS SSO
- AWS directory service
- Exercise 07: Federated access with ADFS
- Identify the security benefits and responsibilities of using the AWS Cloud
- Building secure application infrastructures
- Protection of applications and data against general security threats
- Performing and automating security checks
- Configuring authentication and authorizations for applications and resources
- Monitoring AWS resources and responding to incidents
- Recording and processing logs
- Create and configure automated and repeatable deployments with tools such as AMIs and AWS CloudFormation
This course prepares you to achieve the following official AWS certification:
AWS Certified Security - Specialty.
This course consists of 3 full-day sessions led by a trainer who supervises the participants live. The course consists of theoretical parts with live demonstrations and practical lab exercises. This course takes place via Zoom.
This course is aimed at the following job roles:
- Cyber Security
- Data analytics
It is recommended that participants have attended the following course (or have equivalent knowledge):
Architecting on AWS.
.svg)
