AWS Security Engineer

Course name: AWS Security Engineer

Course Duration: 65 Hours.

Certification: The AWS Certified Security – Specialty (SCS-C01)

 

Course Outline

 

PART A: Prerequisites (20 Hours)

 

Linux Basics –Security

 

Get started with Red Hat Enterprise Linux

 

Describe and define open source, Linux distributions. Log into a Linux system and run simple  commands using the shell. Create, manage, and delete local users and groups, as well as administer local password policies.

 

Manage networking and remote login

 

Configure network interfaces and settings on Linux servers. Configure secure command-line service on remote systems, using  OpenSSH.

 

Manage file permissions 

 

Interpret and set access control lists (ACLs) on files to handle situations requiring complex user and group access permissions. 

 

Monitor and manage Linux

 

Evaluate and control processes running on Linux systems. Control and monitor network services and system daemons using systemd. Install and manage software packages using yum package repositories

 

Analyse system issues

 

Locate and accurately interpret logs of system events for troubleshooting purposes. 

 

Manage Linux Firewall


Create, modify and remove Linux Firewall rules using firewalld.

 

Windows Server Basics –Security

 

Active Directory Domain Service( ADDS) to create and manage the Domain

 

Installing Windows Server 2016 and Windows 10, Installing ADDS in Windows Server 2016, Configuring the DNS Server, Joining the Windows 10 to Domain

 

Creating and assigning a policies to users and computers through GPMC

 

Creating Organization Units (OU), moving the user objects to OU, Creating a GPO, Configuring the Policies in GPO, Linking the GPO to OU, Site and Domain. Verifying the policies when user login to domain from member client.

 

Securing the resources  in the server through permission and encryption

 

Creating partitions in Disk management, Creating a Files and Folders, Creating users and groups, assigning the permissions for users and groups on resources. Configuring Bit locker drive encryption.

 

Configuring the Windows Firewall Settings

 

Creating and configuring Inbound and Outbound Rules

 

Configuring the VPN Server and RRAS.

 

Installing Remote Access Server (RAS), Configuring the VPN Server and VPN Client, Configuring the server for Routing.

 

Monitoring the Server through Performance monitor and event logs

 

Active Directory Certificate Services (ADCS) to create and assign certificates to users and systems.

 

Installing ADCS Role in the Domain environment, creating a certificate for web server, Installing and configuring IIS web site for HTTPS.

 

PART B: AWS Security (45 Hours)

 

1. Incident Response 

 

Introduction to Incident response. Incident Response in Cloud. AWS EC2 Abuse Notice. Dealing with Exposed Access Keys. Compromised Access and Secret Keys. Evaluate Suspected Compromised EC2 Instance. Working on AWS Guard Duty. Penetration Testing Tools

 

2. Logging and Monitoring

 

Introduction to Logging and Monitoring. Continuous Security Monitoring. Introduction to Vulnerability Assessment. Working on AWS Inspector. Configuring AWS EC2 Systems Manager. Configuring AWS Config Service. Understanding CloudWatch. Trusted Advisor. AWS Athena. CloudWatch Evnents. AWS Macie. S3 Event Notifications

 

3. Infrastructure Security

 

Introduction to Information Security. AWS Master Account and Policies. Managing Organizational Units. Configuring Web Distribution in CloudFront. Security benefits of CloudFront Distributions. Dynamic Caching with CloudFront. AWS CloudFRont Cutom SSL. CloudFront and Server name Indication(SNI). Introduction to Firewalls. Modes of Firewall. Architecting Firewall Rules. Revising Security Groups. IPTABLES and Instance Meta Data. Configuring Network Access Control Lists(NACL). Overview Architecture of Intrusion Prevention Systems(IPS). Configuring Web Application Firewall. AWS Shield. Network Segmentation. Implementing Bastion Hosts. Configuring Virtual private Cloud(VPC). Configuring Virtual private network(VPN). VPC Peering and VPC Endpoints. EC2 and Key Pair. API Gateway. Ec2 Tenancy. Compliance Frameworks and AWS Artifacts. AWS Lambda and S3-Configuring Event Triggers. AWS Simple Email Service(SES). CustomDNS Server for Your VPC.

 

4. Identity and Access Management

 

Introduction to Identity and Access management. Understanding the Principle of least Privilege. Creating and applying IAM Policies. Troubleshooting Conflicting Policies. Understanding Delegation. Revoking IAM Role Temporary Security Credentials. Understanding Federation. Web Identity federation. AWS Cognito User Pool and Identity PoolSingle Sign On. Security Assertion mark-up Language. AWS Directory Service. Joining instance to Domain. S3 Security – S3 ACL, Bucket Policy, Signed URLs. S3 Versioning and Cross-Region Replication.

 

5. Data Protection

 

Introduction to Data protection. Understanding Cryptography. Types of Cryptography. Hardware Security Modules(HSM). AWS key Management Service(KMS). KMS Authentication and Access Control. Policy Conditions with AWS KMS. Cross Account Access to Customer master Key(CMK). Rotating Customer master Keys. Policy Evaluation-KMS Key Policies and IAM Policies. CLoudTrail and Encryption. EBS Architecture and Secure Data Wiping. AWS Kinesis Encryption. AWS Glacier.

There are many ways to learnHow to Apply

  • 1

    REGISTRATION

  • 2

    DOCUMENTATION

  • 3

    Get started now

CONTACT NOW

Please fill our short form and one of our friendly team members will contact you back.

X
CONTACT NOW