COURSE IS SELF-PACED, AVAILABLE ON DEMAND
DURATION: 6 hours
CPE POINTS: On completion you get a certificate granting you 6 CPE points.
The course starts on the 11th of December 2023.
"AWS Security Essentials: Building a Resilient Cloud Defense" is a concise course that provides essential knowledge and skills to secure your Amazon Web Services (AWS) cloud infrastructure effectively. Learn key security principles and best practices to safeguard your AWS resources and data against threats and vulnerabilities.
Who is this course for?
This course is intended for:
- Cloud Administrators
- DevOps Engineers
- Security Analysts
- System Architects
- Students and Aspiring Cloud
- Anyone concerned about the security of their data and applications in the AWS cloud
Why take it NOW?
Now is a great time to learn about AWS security because the demand for secure cloud solutions is rapidly growing. With businesses increasingly relying on the cloud for their operations, there is a pressing need for professionals who can ensure the safety of sensitive data and applications. By mastering AWS security now, individuals can position themselves for lucrative career opportunities and make a significant impact in the field of cloud security.
Why this course?
Students should eagerly learn this topic because AWS Security Essentials equips them with crucial skills to protect their cloud infrastructure from cyber threats, ensuring data integrity, confidentiality, and availability. In an increasingly digital world, this knowledge is vital for securing sensitive information and maintaining the trust of customers and stakeholders.
Course benefits:
What skills will you gain?
In the course, you will learn several essential skills related to securing your cloud infrastructure on Amazon Web Services (AWS). These skills include:
- Identity and Access Management (IAM): You will learn how to manage user identities and permissions effectively, ensuring that only authorized individuals have access to AWS resources.
- Network Security: You'll gain skills in configuring and securing your Virtual Private Cloud (VPC), implementing network access control, and setting up security groups to protect your AWS network.
- Data Protection: Learn how to protect data at rest and in transit using encryption mechanisms, such as AWS Key Management Service (KMS).
- Monitoring and Incident Response: You'll understand how to set up monitoring and logging to detect security incidents and respond effectively to security breaches.
- DDoS Mitigation: Learn to protect your AWS infrastructure against Distributed Denial of Service (DDoS) attacks using AWS Shield and Web Application Firewall (WAF).
What will you learn about?
When it comes to what you will learn, a key focus is on security. This is crucial in cloud services because it is vital to keep your data restricted, controlled, monitored, and properly secured. Specifically, you will gain expertise in setting up AWS securely, where security is the top priority. Additionally, you will become proficient in various AWS services that handle user access, resource monitoring, and data protection through encryption.
What tools will you use?
The course will primarily use the Amazon Web Services (AWS) cloud infrastructure as a platform for running lab exercises and hands-on projects.
Course general information:
Course format:
- Self-paced
- Pre-recorded
- Accessible even after you finish the course
- No preset deadlines
- Materials are video, labs, and text
What will you need?
In order to take the course, students will need the following hardware and software:
- A computer with internet access
- A web browser
- An AWS account (or access to one)
- AWS CLI
What should you know before you join?
Before joining the course, it would be beneficial for students to have:
- Familiarity with basic computer usage and navigation
- Basic knowledge of SQL
- Basic knowledge of Linux/Unix command line interface
- Basic knowledge of computer networking
YOUR INSTRUCTOR: Afshan Naqvi
Afshan is a skilled professional in cybersecurity. Currently working as an OSINT analyst at an Israeli firm, she is adept at gathering insights from open-source information. Beyond her analytical role, Afshan is a cybersecurity instructor at SOC Experts and Securzy.io organizations, where she brings real-world understanding to her teaching. Her previous experience as an AWS administrator adds to her expertise, backed by her AWS Cloud Practitioner certification and involvement in the AWS Community Builder program. On top of all that, she runs a YouTube channel called AFS Hackers Academy, where she shares her insights and knowledge with a wider audience.
COURSE SYLLABUS
Module 1
Introduction to AWS Cloud Security
This module provides a foundational overview of key concepts and practices essential for securing your AWS resources.
- Understanding the importance of cloud security
- Shared Responsibility Model in AWS
- Creating Your AWS Account from Scratch - Demo
- AWS Global Infrastructure
Module 2
Identity and Access Management (IAM) Security
IAM is the cornerstone of securing AWS resources, ensuring that only authorized individuals and systems can access sensitive data and critical services. Throughout this module, participants will gain a deep understanding of IAM's role in the shared responsibility model, learn how to create and manage IAM users and roles, explore best practices for defining permissions and policies, and discover advanced IAM features.
- What is Identity and Access Management?
- How AWS IAM Ensures Safe Access Management
- Overview of the User Dashboard
- Creating and Managing IAM Users - Demo
- How to Manage Multiple Users with IAM User Groups - Demo
- IAM Roles
- Service Role VS Service-Linked Roles
- How to Grant Temporary Access for Users
- Enabling Cross-Account Access via IAM
- Utilizing IAM Policies for Setting and Controlling Permissions
Module 3
Advanced Security Services in AWS
These tools will help you make your cloud environment more secure, especially when dealing with the more advanced and tricky security threats that are out there.
- AWS Secret Manager
- Web Application Firewall (WAF)
- Amazon GuardDuty
- Amazon Inspector
- AWS Shield
- CloudHSM
- Amazon Macie
Module 4
Data Security and Encryption
In this module, we will start by learning the basics of encryption, which is like putting your data in a secret code to keep it safe. We will understand how to protect data and make sure it stays private and unchanged.
- Encryption Basics
- Server-Side Encryption (SSE)
- Client-Side Encryption
- Data protection best practices
Module 5
Enhancing Your Security Standing with Amazon S3
In this module, we will focus specifically on securing one of the most used AWS services: Amazon S3 (Simple Storage Service). By the end of this module, you will have a comprehensive understanding of how to enhance the security of your Amazon S3 buckets, protecting your valuable data from unauthorized access, data loss, and other security threats.
- Amazon S3 Security Fundamentals
- Bucket Policies and Access Controls
- Versioning and Data Recovery
- Cross-Origin Resource Sharing (CORS)
- AWS Key Management Service (KMS)
- Using Amazon Key Management Service to Encrypt S3 Data - Demo
- Using Amazon Key Management Service to Encrypt EBS Data -Demo
- S3 Bucket Rules to Limit Specific Permissions – Demo
- S3 Security Best Practices
Module 6
Network Security and Virtual Private Cloud (VPC)
In this module, you will learn how to keep your Amazon Web Services (AWS) Virtual Private Clouds (VPCs) safe and secure. We will show you the basics of VPCs, help you design secure networks, and teach you how to control who can access them. You will also discover how to set up secure connections between different networks and use advanced AWS tools for extra protection. We will use real examples and hands-on activities to make sure you can apply what you have learned to keep your networks safe in AWS.
- Understand the Importance of Network Security
- AWS Virtual Private Cloud (VPC) Basics
- Design Secure VPCs
- Implement Network Access Controls
- Establish VPC Peering and VPN Connections
- Utilize AWS Direct Connect
- AWS Transit Gateway for network scaling
- VPC Endpoints for secure access to AWS services
- Network security best practices and case studies
- Lab Exercises and Hands-On Practice
Module 7
Security Monitoring and Logging
In this module, students will dive into the world of security monitoring and logging. They will learn how to keep a vigilant eye on their IT infrastructure to proactively detect and respond to security incidents. We will cover the fundamentals of real-time visibility into network activity, system behavior, and user actions. Participants will explore industry best practices and key tools for collecting, analyzing, and interpreting security-related data.
- AWS CloudTrail for auditing
- AWS Config for compliance
- Amazon CloudWatch for monitoring
Module 8
Securing Amazon EC2 Instances
This module covers two key aspects of EC2 security. First, "GuardDuty" shows how to detect and respond to threats. Second, "Isolation" explains network measures to enhance protection. Gain hands-on skills to secure EC2 instances effectively.
- EC2 Instance Security Best Practices
- Instance Image Hardening
- Instance Termination and Decommissioning
- Identifying Security Risks in EC2 Instances with Amazon GuardDuty
- Securing EC2 Instances through Network Isolation Measures
Final Exam
Creation of new functions and commands based on the teachings of the class.
QUESTIONS?
If you have any questions, please contact our eLearning Manager at [email protected].
Course Reviews
No Reviews found for this course.