Training AWS

Training goals

code: AWS-SBP

Currently, the average cost of a security breach can be upwards of $4 million. AWS Security Best Practices provides an overview of some of the industry best practices for using AWS security and control types. This course helps you understand your responsibilities while providing valuable guidelines for how to keep your workload safe and secure. You will learn how to secure your network infrastructure using sound design options. You will also learn how you can harden your compute resources and manage them securely. Finally, by understanding AWS monitoring and alerting, you can detect and alert on suspicious events to help you quickly begin the response process in the event of a potential compromise.

Course objectives

In this course, you will learn to:

  • Design and implement a secure network infrastructure
  • Design and implement compute security
  • Design and implement a logging solution

Intended audience

This course is intended for:

  • Solutions architects, cloud engineers, including security engineers, delivery and implementation engineers, professional services, and Cloud Center of Excellence (CCOE)

Conspect Show list

  • Module 1: AWS Security Overview
    • Shared responsibility model
    • Customer challenges
    • Frameworks and standards
    • Establishing best practices
    • Compliance in AWS
  • Module 2: Securing the Network
    • Flexible and secure
    • Security inside the Amazon Virtual Private Cloud (Amazon VPC)
    • Security services
    • Third-party security solutions
  • Lab 1: Controlling the Network
    • Create a three-security zone network infrastructure.
    • Implement network segmentation using security groups, Network Access Control Lists (NACLs), and public and private subnets.
    • Monitor network traffic to Amazon Elastic Compute Cloud (EC2) instances using VPC flow logs.
  • Module 3: Amazon EC2 Security
    • Compute hardening
    • Amazon Elastic Block Store (EBS) encryption
    • Secure management and maintenance
    • Detecting vulnerabilities
    • Using AWS Marketplace
  • Lab 2: Securing the starting point (EC2)
    • Create a custom Amazon Machine Image (AMI).
    • Deploy a new EC2 instance from a custom AMI.
    • Patch an EC2 instance using AWS Systems Manager.
    • Encrypt an EBS volume.
    • Understand how EBS encryption works and how it impacts other operations.
    • Use security groups to limit traffic between EC2 instances to only that which is encrypted.
  • Module 4: Monitoring and Alerting
    • Logging network traffic
    • Logging user and Application Programming Interface (API) traffic
    • Visibility with Amazon CloudWatch
    • Enhancing monitoring and alerting
    • Verifying your AWS environment
  • Lab 3: Security Monitoring
    • Configure an Amazon Linux 2 instance to send log files to Amazon CloudWatch.
    • Create Amazon CloudWatch alarms and notifications to monitor for failed login attempts.
    • Create Amazon CloudWatch alarms to monitor network traffic through a Network Address Translation (NAT) gateway.
Download conspect training as PDF

Additional information

Prerequisites

Before attending this course, participants should have completed the following:

  • AWS Security Fundamentals
  • AWS Security Essentials
Difficulty level
Duration 1 day
Certificate

The participants will obtain certificates signed by AWS (course completion).
Trainer

AWS Authorized Instructor (AAI)

Other training AWS | Security

AWS show more courses
Contact form

Please fill form below to obtain more info about this training.






* Fields marked with (*) are required !!!

Information on data processing by Compendium - Centrum Edukacyjne Spółka z o.o.

PRICE 300 EUR

FORM OF TRAINING ?

 

TRAINING MATERIALS ?

 

SELECT TRAINING DATE

    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
Book a training appointment
close

Traditional training

Sessions organised at Compendium CE are usually held in our locations in Kraków and Warsaw, but also in venues designated by the client. The group participating in training meets at a specific place and specific time with a coach and actively participates in laboratory sessions.

Dlearning training

You may participate from at any place in the world. It is sufficient to have a computer (or, actually a tablet, or smartphone) connected to the Internet. Compendium CE provides each Distance Learning training participant with adequate software enabling connection to the Data Center. For more information, please visit dlearning.eu site

close

Paper materials

Traditional materials: The price includes standard materials issued in the form of paper books, printed or other, depending on the arrangements with the manufacturer.

Electronic materials

Electronic materials: These are electronic training materials that are available to you based on your specific application: Skillpipe, eVantage, etc., or as PDF documents.

Ctab materials

Ctab materials: the price includes ctab tablet and electronic training materials or traditional training materials and supplies provided electronically according to manufacturer's specifications (in PDF or EPUB form). The materials provided are adapted for display on ctab tablets. For more information, check out the ctab website.

Upcoming AWS training

Training schedule AWS