Duration

1 day

Audience:

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

We recommend that attendees of this course have:

  • Working knowledge of IT security practices and infrastructure concepts, familiarity with cloud computing concepts

Course Description:

This course covers fundamental AWS cloud security concepts, including AWS access control, data encryption methods, and how network access to your AWS infrastructure can be secured. Based on the AWS Shared Security Model, you learn where you are responsible for implementing security in the AWS Cloud and what security-oriented services are available to you and why and how the security services can help meet the security needs of your organization.

What You’ll Learn

In this course, you will learn how to:

  • Assimilate Identify security benefits and responsibilities of using the AWS Cloud
  • Describe the access control and management features of AWS
  • Explain the available methods for providing encryption of data in transit and data at rest when storing your data in AWS.
  • Describe how to secure network access to your AWS resources
  • Determine which AWS services can be used for monitoring and incident response

Who Needs to Attend

This course is intended for:

  • Security IT business-level professionals interested in cloud security practices
  • Security professionals with minimal to no working knowledge of AWS

Course Outline

Module 1: Security on AWS

  • Security design principles in the AWS Cloud
  • AWS Shared Responsibility Model

Module 2: Security OF the Cloud

  • AWS Global Infrastructure
  • Data center security
  • Compliance and governance

Module 3: Security IN the Cloud – Part 1

  • Identity and access management
  • Data protection essentials
  • Lab 01 – Introduction to security policies

Module 4: Security IN the Cloud – Part 2

  • Securing your infrastructure
  • Monitoring and detective controls
  • Lab 02 – Securing VPC resources with Security Groups

Module 5: Security IN the Cloud – Part 3

  • DDoS mitigation
  • Incident response essentials
  • Lab 03 – Remediating issues with AWS Config Conformance Packs

Module 6: Course Wrap Up

  • AWS Well-Architected tool overview
  • Next Steps