AWSSOAWAmazon Web ServicesAW-AWSSO3.0.0<p>In this course, you will: </p> <ul> <li>State an understanding of AWS cloud security based on the CIA triad.</li><li>Create and analyze authentication and authorizations with IAM.</li><li>Manage and provision accounts on AWS with appropriate AWS services.</li><li>Identify how to manage secrets using AWS services.</li><li>Monitor sensitive information and protect data via encryption and access controls.</li><li>Identify AWS services that address attacks from external sources.</li><li>Monitor, generate, and collect logs.</li><li>Identify indicators of security incidents.</li><li>Identify how to investigate threats and mitigate using AWS services.</li></ul><p>We recommend that attendees of this course have: </p> <ul> <li>Completed the following courses:<ul> <li><span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/en/course/amazon-sec-ess"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>AWS Security Essentials <span class="fl-prod-pcode">(SEC-ESS)</span></a></span> or</li><li>AWS Security Fundamentals (Second Edition) (digital) and</li><li><span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/en/course/amazon-awsa"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Architecting on AWS <span class="fl-prod-pcode">(AWSA)</span></a></span></li></ul></li><li>Working knowledge of IT security practices and infrastructure concepts.</li><li>Familiarity with the AWS Cloud.</li></ul><p>This course is intended for: </p> <ul> <li>Security engineers</li><li>Security architects</li><li>Cloud architects</li><li>Cloud operators working across all global segments.</li></ul><p><strong>Day 1</strong></p> <h5>Module 1: Security Overview and Review</h5><ul> <li>Explain Security in the AWS Cloud.</li><li>Explain AWS Shared Responsibility Model.</li><li>Summarize IAM, Data Protection, and Threat Detection and Response.</li><li>State the different ways to interact with AWS using the console, CLI, and SDKs.</li><li>Describe how to use MFA for extra protection.</li><li>State how to protect the root user account and access keys.</li></ul><h5>Module 2: Securing Entry Points on AWS</h5><ul> <li>Describe how to use multi-factor authentication (MFA) for extra protection.</li><li>Describe how to protect the root user account and access keys.</li><li>Describe IAM policies, roles, policy components, and permission boundaries.</li><li>Explain how API requests can be logged and viewed using AWS CloudTrail and how to view and analyze access history.</li><li>Hands-On Lab: Using Identity and Resource Based Policies.</li></ul><h5>Module 3: Account Management and Provisioning on AWS</h5><ul> <li>Explain how to manage multiple AWS accounts using AWS Organizations and AWS Control Tower.</li><li>Explain how to implement multi-account environments with AWS Control Tower.</li><li>Demonstrate the ability to use identity providers and brokers to acquire access to AWS services.</li><li>Explain the use of AWS IAM Identity Center (successor to AWS Single Sign-On) and AWS Directory Service.</li><li>Demonstrate the ability to manage domain user access with Directory Service and IAM Identity Center.</li><li>Hands-On Lab: Managing Domain User Access with AWS Directory Service</li></ul><p><strong>Day 2</strong></p> <h5>Module 4: Secrets Management on AWS</h5><ul> <li>Describe and list the features of AWS KMS, CloudHSM, AWS Certificate Manager (ACM), and AWS Secrets Manager.</li><li>Demonstrate how to create a multi-Region AWS KMS key.</li><li>Demonstrate how to encrypt a Secrets Manager secret with an AWS KMS key.</li><li>Demonstrate how to use an encrypted secret to connect to an Amazon Relational Database Service (Amazon RDS) database in multiple AWS Regions</li><li>Hands-on lab: Lab 3: Using AWS KMS to Encrypt Secrets in Secrets Manager</li></ul><h5>Module 5: Data Security</h5><ul> <li>Monitor data for sensitive information with Amazon Macie.</li><li>Describe how to protect data at rest through encryption and access controls.</li><li>Identify AWS services used to replicate data for protection.</li><li>Determine how to protect data after it has been archived.</li><li>Hands-on lab: Lab 4: Data Security in Amazon S3</li></ul><h5>Module 6: Infrastructure Edge Protection</h5><ul> <li>Describe the AWS features used to build secure infrastructure.</li><li>Describe the AWS services used to create resiliency during an attack.</li><li>Identify the AWS services used to protect workloads from external threats.</li><li>Compare the features of AWS Shield and AWS Shield Advanced.</li><li>Explain how centralized deployment for AWS Firewall Manager can enhance security.</li><li>Hands-on lab: Lab 5: Using AWS WAF to Mitigate Malicious Traffic</li></ul><p><strong>Day 3</strong></p> <h5>Module 7: Monitoring and Collecting Logs on AWS</h5><ul> <li>Identify the value of generating and collecting logs.</li><li>Use Amazon Virtual Private Cloud (Amazon VPC) Flow Logs to monitor for security events.</li><li>Explain how to monitor for baseline deviations.</li><li>Describe Amazon EventBridge events.</li><li>Describe Amazon CloudWatch metrics and alarms.</li><li>List log analysis options and available techniques.</li><li>Identify use cases for using virtual private cloud (VPC) Traffic Mirroring.</li><li>Hands-on lab: Lab 6: Monitoring for and Responding to Security Incidents</li></ul><h5>Module 8: Responding to Threats</h5><ul> <li>Classify incident types in incident response.</li><li>Understand incident response workflows.</li><li>Discover sources of information for incident response using AWS services.</li><li>Understand how to prepare for incidents.</li><li>Detect threats using AWS services.</li><li>Analyze and respond to security findings.</li><li>Hands-on lab: Lab 7: Incident Response</li></ul>In this course, you will: - State an understanding of AWS cloud security based on the CIA triad. - Create and analyze authentication and authorizations with IAM. - Manage and provision accounts on AWS with appropriate AWS services. - Identify how to manage secrets using AWS services. - Monitor sensitive information and protect data via encryption and access controls. - Identify AWS services that address attacks from external sources. - Monitor, generate, and collect logs. - Identify indicators of security incidents. - Identify how to investigate threats and mitigate using AWS services.We recommend that attendees of this course have: - Completed the following courses: - AWS Security Essentials (SEC-ESS) or - AWS Security Fundamentals (Second Edition) (digital) and - Architecting on AWS (AWSA) - Working knowledge of IT security practices and infrastructure concepts. - Familiarity with the AWS Cloud.This course is intended for: - Security engineers - Security architects - Cloud architects - Cloud operators working across all global segments.Day 1 Module 1: Security Overview and Review - Explain Security in the AWS Cloud. - Explain AWS Shared Responsibility Model. - Summarize IAM, Data Protection, and Threat Detection and Response. - State the different ways to interact with AWS using the console, CLI, and SDKs. - Describe how to use MFA for extra protection. - State how to protect the root user account and access keys. Module 2: Securing Entry Points on AWS - Describe how to use multi-factor authentication (MFA) for extra protection. - Describe how to protect the root user account and access keys. - Describe IAM policies, roles, policy components, and permission boundaries. - Explain how API requests can be logged and viewed using AWS CloudTrail and how to view and analyze access history. - Hands-On Lab: Using Identity and Resource Based Policies. Module 3: Account Management and Provisioning on AWS - Explain how to manage multiple AWS accounts using AWS Organizations and AWS Control Tower. - Explain how to implement multi-account environments with AWS Control Tower. - Demonstrate the ability to use identity providers and brokers to acquire access to AWS services. - Explain the use of AWS IAM Identity Center (successor to AWS Single Sign-On) and AWS Directory Service. - Demonstrate the ability to manage domain user access with Directory Service and IAM Identity Center. - Hands-On Lab: Managing Domain User Access with AWS Directory Service Day 2 Module 4: Secrets Management on AWS - Describe and list the features of AWS KMS, CloudHSM, AWS Certificate Manager (ACM), and AWS Secrets Manager. - Demonstrate how to create a multi-Region AWS KMS key. - Demonstrate how to encrypt a Secrets Manager secret with an AWS KMS key. - Demonstrate how to use an encrypted secret to connect to an Amazon Relational Database Service (Amazon RDS) database in multiple AWS Regions - Hands-on lab: Lab 3: Using AWS KMS to Encrypt Secrets in Secrets Manager Module 5: Data Security - Monitor data for sensitive information with Amazon Macie. - Describe how to protect data at rest through encryption and access controls. - Identify AWS services used to replicate data for protection. - Determine how to protect data after it has been archived. - Hands-on lab: Lab 4: Data Security in Amazon S3 Module 6: Infrastructure Edge Protection - Describe the AWS features used to build secure infrastructure. - Describe the AWS services used to create resiliency during an attack. - Identify the AWS services used to protect workloads from external threats. - Compare the features of AWS Shield and AWS Shield Advanced. - Explain how centralized deployment for AWS Firewall Manager can enhance security. - Hands-on lab: Lab 5: Using AWS WAF to Mitigate Malicious Traffic Day 3 Module 7: Monitoring and Collecting Logs on AWS - Identify the value of generating and collecting logs. - Use Amazon Virtual Private Cloud (Amazon VPC) Flow Logs to monitor for security events. - Explain how to monitor for baseline deviations. - Describe Amazon EventBridge events. - Describe Amazon CloudWatch metrics and alarms. - List log analysis options and available techniques. - Identify use cases for using virtual private cloud (VPC) Traffic Mirroring. - Hands-on lab: Lab 6: Monitoring for and Responding to Security Incidents Module 8: Responding to Threats - Classify incident types in incident response. - Understand incident response workflows. - Discover sources of information for incident response using AWS services. - Understand how to prepare for incidents. - Detect threats using AWS services. - Analyze and respond to security findings. - Hands-on lab: Lab 7: Incident Response3 days1995.001500.001480.001480.001480.001480.001480.001480.001480.001480.001750.001750.001750.001750.001380.001395.001395.001395.001485.001485.001485.001395.001395.001485.002685.002025.002685.002685.00127500.001895.009320.001995.001995.002195.001995.001650.002510.005200.002655.002470.002795.002395.00