Kurser

3 dages virtuelt kursus 
Online læring med live underviser

Security Engineering on AWS

Kontakt os på tlf. 7220 3000 eller skriv til  kurser@teknologisk.dk for at høre mere.

Ingen planlagte afholdelser.
DKK  21.499
ekskl. moms
Nr. 87925 P

Lær, hvordan du effektivt bruger AWS sikkerheds services til at forblive sikker og kompatibel i AWS skyen. Kurset fokuserer på best practices sikkerhedsanbefalinger fra AWS som du kan anvende til at styrke sikkerheden af din data og dine systemer.

Virtuelt kursus - stor

Stay secure and complaint in the AWS cloud

Security Operations on AWS demonstrates how to efficiently use AWS security services to stay secure and compliant in the AWS cloud. The course focuses on the AWS-recommended security best practices that you can implement to enhance the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. This course also refers to the common security control objectives and regulatory compliance standards and examines use cases for running regulated workloads on AWS across different verticals, globally. You will also learn how to leverage AWS services and tools for automation and continuous monitoring—taking your security operations to the next level.

Deltagerprofil

This course is intended for security engineers, security architects, security analysts, security auditors, and individuals who are responsible for governing, auditing, and testing an organization’s IT infrastructure, and ensuring conformity of the infrastructure to security, risk, and compliance guidelines.

Forudsætninger

We recommend that attendees of this course have attended AWS Security Fundamentals, experience with governance, risk, and compliance regulations and control objectives, working knowledge of IT security practices, working knowledge of IT infrastructure concepts, and familiarity with cloud computing concepts.

Det får du på det virtuelle kursus

Vi sørger for at rammerne er i orden, så du kan fokusere på at lære

Hos Teknologisk Institut bruger vi kun erfarne undervisere.

Erfaren underviser

Materiale på engelsk

Materiale på engelsk

Undervisning på engelsk

Undervisning på engelsk

Content

This course teaches you how to:

  • Assimilate and leverage the AWS shared security responsibility model
  • Mange user identity and access management in the AWS cloud
  • Use AWS security services such as AWS Identity and Access Management, Amazon Virtual Private Cloud, AWS Config, AWS CloudTrail, AWS Key Management Service, AWS CloudHSM, and AWS Trusted Advisor
  • Implement better security controls for your resources in the AWS cloud
  • Manage and audit your AWS resources from a security perspective
  • Monitor and log access and usage of AWS compute, storage, networking, and database services
  • Assimilate and leverage the AWS shared compliance responsibility model
  • Identify AWS services and tools to help automate, monitor, and manage security operations on AWS
  • Perform security incident management in the AWS cloud

Introduktion
  • Welcome and introductions
  • Introduction to Security on AWS
Identifying entry points on AWS
  • Ways to access the platform
  • IAM policies
  • Securing entry points
  • Incident response
  • Lab - cross-account authentication
Security Considerations - Web Applications
  • Security points in an AWS web application environment
  • Analyse a three-tier application model and identify common threats
  • Assess environments to improve security
Application Security
  • Securing EC2 instances
  • Assess vulnerabilities with Inspector
  • Apply security in an automated way using Systems Manager
  • Isolate a compromised instance
  • Lab - Assessing Security with Inspector and Systems Manager
Securing Networking Communications - Part 1
  • Apply security best practices to VPC
  • Implement an ELB device as a protection point
  • Protect data in transit using certificates
Data Security
  • Protect data at rest using encryption and access controls
  • AWS services used to replicate data
  • Protect archived data
Security Considerations: Hybrid Environments
  • Security points outside of a VPC
  • Common DoS threats
Monitoring and Collecting Logs on AWS
  • Monitor events and collect logs with CloudWatch
  • Use Config to monitor resources
  • AWS-native services that generate and collect logs
  • Lab - Server Log Analysis Part 1 - collect logs
Processing Logs on AWS
  • Stream and process logs for further analysis
  • AWS services used to process logs from S3 buckets
  • Lab - Server Log Analysis Part 2 - analyse logs
Securing Networking Communications - Part 2
  • Identify AWS services used to connect on-premise to AWS
  • Data protection between on-premise and AWS
  • Securely access VPC resources in other accounts
Out-Of-Region Protection
  • Use Route 53 to isolate attacks
  • Implement WAF to protect applications
  • Use CloudFront to deliver content securely
  • Protect applications using Shield
Account Management on AWS
  • Manage multiple accounts
  • Use identity providers / brokers to acquire access to AWS services
  • Lab - AWS Federated Authentication with ADFS
Security Considerations: Serverless Environments
  • How to secure data in a serverless environment
  • Use Cognito to authorize users
  • Control API access with API Gateway
  • Use AWS messaging services securely
  • Secure Lambda functions
  • Lab - Monitor and Respond with Config and Lambda
Secrets Management on AWS
  • Manage key and data encryption with KMS
  • Describe how CloudHSM is used to generate and secure keys
  • Use Secrets Manager to authenticate applications
  • Lab - Using KMS
Security Automation on AWS
  • Deploy security-oriented AWS environments in a reproducible manner
  • Provide management and control of IT services to end-users in a self-serve manner
  • Lab - Security Automation on AWS with Service Catalog
Threat Detection and Sensitive Data Monitoring
  • Threat detection and monitoring for malicious or unauthorized behaviour
  • Leverage machine learning to gain visibility into how sensitive data is being managed in the AWS Cloud

Form

Dette virtuelle kursus foregår på din egen computer live via GoToMeeting med en engelsktalende underviser. Under kurset har du mulighed for at stille spørgsmål, deltage i diskussioner, se whiteboard på din skærm og lave lab øvelser.

Bemærkning

Please note: Effective 15th August 2022 the labs for all AWS courses will be delivered through AWS Builder labs. In order to access these labs you will need to have an Amazon account (used for Amazon.com/.co.uk retail). You can choose to use your existing Amazon account or you can elect to set up a new account utilising a new email address (such as Hotmail, Gmail, Yahoo etc etc). You can set up your new Amazon account here.
 
Please ensure that you have set up this Amazon account set up in advance of attending your class. Your Amazon account credentials will be used to access the AWS Builder lab environment that you will utilise during your course.
 
In order to access your digital course materials you are required to set up a Gilmore account in advance of attending your course. To do this please follow this link.

 

Søgte du et andet virtuelt kursus?

Vi tilbyder virtuelle kurser inden for mange forskellige områder. Kontakt os på tlf. 72203000 eller kurser@teknologisk.dk, så vi kan hjælpe med at imødekomme dit behov.

Læs mere om vores virtuelle kurser og se svar på dine spørgsmål (FAQ).

25656
Underviser

Undervisningen varetages af en erfaren underviser fra Teknologisk Instituts netværk bestående af branchens dygtigste undervisere.

Vil du vide mere?

FAQ - Virtuelle og hybride kurser

De oftest stilede spørgsmål om vores virtuelle og hybride kurser.

Læs mere