This course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. You will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents.
This four day version of the Security Engineering course includes the associated AWS Jam on the final day. In this AWS Jam, a gamified event, you will work in a team, competing to score points by completing a series of challenges according to established best practices based on concepts covered in the Security Engineering course. You will get to experience a wide range of AWS services in a series of real-world scenarios that represent common operational and troubleshooting tasks. The end result is developing, enhancing, and validating your skillsets in the AWS Cloud through real-world problem solving, exploring new services, features, and understand how they interoperate.
This course is intended for:
- Security engineers
- Security architects
- Security operations
- Information security
This course allows you to test new skills and apply knowledge to your working environment through a variety of practical exercises.
We recommend that attendees of this course have the following prerequisites:
- AWS Cloud Practitioner Essentials
- AWS Security Fundamentals
- Architecting on AWS
- Working knowledge of IT security practices and infrastructure concepts
- Familiarity with cloud computing concepts
Delegates will learn how to
In this course, you will learn how to:
- Assimilate and leverage the AWS shared security responsibility model
- Architect and build AWS application infrastructures that are protected against the most common security threats
- Protect data at rest and in transit with encryption
- Apply security checks and analyses in an automated and reproducible manner
- Configure authentication for resources and applications in the AWS Cloud
- Gain insight into events by capturing, monitoring, processing, and analyzing logs
- Identify and mitigate incoming threats against applications and data
- Perform security assessments to ensure that common vulnerabilities are patched and security best practices are applied
- Welcome and introductions
- Introduction to Security on AWS
Identifying entry points on AWS
- Ways to access the platform
- IAM policies
- Securing entry points
- Incident response
Lab - cross-account authentication
Security Considerations - Web Applications
- Security points in an AWS web application environment
- Analyse a three-tier application model and identify common threats
- Assess environments to improve security
- Securing EC2 instances
- Assess vulnerabilities with Inspector
- Apply security in an automated way using Systems Manager
- Isolate a compromised instance
Lab - Assessing Security with Inspector and Systems Manager
Securing Networking Communications - Part 1
- Apply security best practices to VPC
- Implement an ELB device as a protection point
- Protect data in transit using certificates
- Protect data at rest using encryption and access controls
- AWS services used to replicate data
- Protect archived data
Security Considerations: Hybrid Environments
- Security points outside of a VPC
- Common DoS threats
Monitoring and Collecting Logs on AWS
- Monitor events and collect logs with CloudWatch
- Use Config to monitor resources
- AWS-native services that generate and collect logs
Lab - Server Log Analysis Part 1 - collect logs
Processing Logs on AWS
- Stream and process logs for further analysis
- AWS services used to process logs from S3 buckets
Lab - Server Log Analysis Part 2 - analyse logs
Securing Networking Communications - Part 2
- Identify AWS services used to connect on-premise to AWS
- Data protection between on-premise and AWS
- Securely access VPC resources in other accounts
- Use Route 53 to isolate attacks
- Implement WAF to protect applications
- Use CloudFront to deliver content securely
- Protect applications using Shield
Account Management on AWS
- Manage multiple accounts
- Use identity providers / brokers to acquire access to AWS services
Lab - AWS Federated Authentication with ADFS
Security Considerations: Serverless Environments
- How to secure data in a serverless environment
- Use Cognito to authorize users
- Control API access with API Gateway
- Use AWS messaging services securely
- Secure Lambda functions
Lab - Monitor and Respond with Config and Lambda
Secrets Management on AWS
- Manage key and data encryption with KMS
- Describe how CloudHSM is used to generate and secure keys
- Use Secrets Manager to authenticate applications
Lab - Using KMS
Security Automation on AWS
- Deploy security-oriented AWS environments in a reproducible manner
- Provide management and control of IT services to end-users in a self-serve manner
Lab - Security Automation on AWS with Service Catalog
Threat Detection and Sensitive Data Monitoring
- Threat detection and monitoring for malicious or unauthorized behaviour
- Leverage machine learning to gain visibility into how sensitive data is being managed in the AWS Cloud
Frequently asked questionsSee all of our FAQs
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
Learn more about our Virtual Classrooms.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
Learn more about QA’s online courses.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.