The AWS Certified Security Specialty certification course provides comprehensive training in advanced cloud security and securing applications within the AWS environment. By completing this course, participants will be able to understand the AWS shared security responsibility model, design robust security infrastructures to thwart common threats, implement advanced encryption methods to protect data, and employ automated security checks. They'll also learn how to configure secure authentication, analyze logs for security insights, and respond to security incidents. Prerequisites include a foundational knowledge of AWS Cloud, AWS Security fundamentals, and a background in IT security practices. This knowledge will enable you to effectively secure your organization’s AWS infrastructure and protect it against cyber threats. With our AWS Certified Security Specialty Training, you will acquire the necessary knowledge to successfully pass the certification exam and gain hands-on experience in advanced cloud security.
Course Objectives:
In this course, you will learn to:
- Identify security benefits and responsibilities when using the AWS Cloud
- Describe the access control and management features of AWS
- Understand the different data encryption methods to secure sensitive data
- Describe how to secure network access to your AWS resources
- Determine which AWS services can be used for monitoring and incident response.
- Understand and apply the AWS shared security responsibility model to ensure clear demarcation of security ownership.
- Design and implement secure AWS application infrastructures to guard against prevalent security threats.
- Implement strategies to protect data at rest and in transit using advanced encryption methods.
- Utilize automated tools for consistent security checks and vulnerability analyses across AWS resources.
- Configure robust authentication mechanisms to control access to AWS resources and applications.
- Monitor and analyze logs effectively to gain insights into operational and security events within the AWS ecosystem.
- Identify potential security threats and implement strategies to mitigate risks to applications and data.
- Conduct thorough security assessments to identify vulnerabilities and enforce adherence to security best practices.
- Manage AWS accounts securely and understand the implications of security settings and policies.
- Learn to automate security responses and incident resolution to enhance the overall security posture on AWS.
Course content
Introduction to Cloud Security
- What is Cloud Security?
- Benefits of Cloud Security
Secure Global Infrastructure and Compliance
- Region, Availability Zones
- VPC Endpoints
- IAM and Compliance
Security of the Cloud
- Shared responsibility model
- AWS Global Infrastructure
- Compliance and governance
- Trusted Advisor
Incident Response
- What is incident response in cloud?
- Foundation of incident response
- Prepare for cloud security – People and technology
- Simulate incident response
- Shared responsibility model and AWS CAF
- Where do cloud security events occur?
- Amazon GuardDuty and its concepts
- Incident response plan
- CloudEndure disaster recovery
- Amazon detective
Lab:
- Amazon GuardDuty
- Amazon detective
Logging and Monitoring
- Introduction to CloudWatch
- Metrics and namespaces
- CloudWatch architecture
- Dashboards in CW
- CloudWatch alarms
- CloudWatch logs
- Pricing and design patterns
- Introduction to CloudTrail
- Accessing CloudTrail and tracking API usage
Lab:
- Creating a CloudWatch dashboard and adding metrics
- Creating a CloudWatch alarm that triggers according to the CPU utilization of an EC2 instance
- Creating a billing alarm
- Creating a log group
- Creating a trail
Infrastructure Security
- Network security
- Network monitoring and protection
- Firewalls and DDoS
- Content delivery networks and edge locations
- Intrusion detection and prevention systems
- AWS Shield
- AWS CloudFront and Signed URLs
- Lambda@Edge
- AWS Network Firewall
Lab:
- Creating and configuring an AWS network firewall
- Creating a stateful rule group in network firewall
Identity and Access Management
- Pre-IAM and why access management?
- Amazon resource name (ARN) and IAM features
- Multi-factor authentication (MFA) in IAM and JSON
- IAM policies and IAM permissions
- IAM roles
- Identity federation and pricing
- Data access and protection essentials
Lab:
- Creating IAM users and a group
- Creating an IAM policy and attaching it to the group
- Creating an IAM role
- Setting up MFA for a user
- Introduction to Security Policies
Data Protection
- Introduction to cryptography
- Cryptography terminologies and concepts
- Symmetric and asymmetric key encryption
- CloudHSM
- AWS KMS
- Data protection in KMS
- KMS policy evaluation logic
- AWS secrets manager
Lab:
- Importing key material to KMS
- Creating a secret and rotating it using AWS secrets manager
- Deploying SSL-TLS certificate with ACM
Protecting Infrastructure and Data
- Protecting your network infrastructure
- Edge Security
- DDoS Mitigation
- Protecting compute resources
- Lab: Securing VPC Resources with Security Groups
Detection and Response
- Monitoring and detective controls
- Incident response essentials
To see the full course content Download now
Course Prerequisites
- Working knowledge of IT security practices and infrastructure concepts
- Familiarity with cloud computing concepts
- Virtualization concepts
- Basic understanding of networking and OS concepts
- Working knowledge of IT security practices and infrastructure concepts and familiarity with cloud computing concepts.
Who can attend
- IT business-level professionals interested in cloud security practices
- Security professionals with minimal working knowledge of AWS
- Those who are working in cloud computing and security domains looking to specialize in AWS Security Architecture
- Security Engineers
- Security Architects
- Information Security Professionals
- Cloud Security Specialists
- IT Security Analysts
- Cloud Architects
- Cloud Engineers with a focus on security
- Systems Administrators with responsibilities in security
- Network Security Professionals
- DevOps/DevSecOps Engineers
- Security Consultants working with cloud services
- Compliance Officers dealing with cloud-based infrastructure
- Cybersecurity Analysts focusing on cloud security threats
- IT Professionals aiming to gain AWS security expertise
- Technical Auditors involved in cloud security audits
- Incident Response Teams working with AWS environments
Number of Hours: 40hrs
Certification
Key features
- One to One Training
- Online Training
- Fastrack & Normal Track
- Resume Modification
- Mock Interviews
- Video Tutorials
- Materials
- Real Time Projects
- Virtual Live Experience
- Preparing for Certification
FAQs
DASVM Technologies offers 300+ IT training courses with 10+ years of Experienced Expert level Trainers.
- One to One Training
- Online Training
- Fastrack & Normal Track
- Resume Modification
- Mock Interviews
- Video Tutorials
- Materials
- Real Time Projects
- Materials
- Preparing for Certification
Call now: +91-99003 49889 and know the exciting offers available for you!
We working and coordinating with the companies exclusively to get placed. We have a placement cell focussing on training and placements in Bangalore. Our placement cell help more than 600+ students per year.
Learn from experts active in their field, not out-of-touch trainers. Leading practitioners who bring current best practices and case studies to sessions that fit into your work schedule. We have a pool of experts and trainers are composed with highly skilled and experienced in supporting you in specific tasks and provide professional support. 24x7 Learning support from mentors and a community of like-minded peers to resolve any conceptual doubts. Our trainers has contributed in the growth of our clients as well as professionals.
All of our highly qualified trainers are industry experts with at least 10-12 years of relevant teaching experience. Each of them has gone through a rigorous selection process which includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating continue to train for us.
No worries. DASVM technologies assure that no one misses single lectures topics. We will reschedule the classes as per your convenience within the stipulated course duration with all such possibilities. If required you can even attend that topic with any other batches.
DASVM Technologies provides many suitable modes of training to the students like:
- Classroom training
- One to One training
- Fast track training
- Live Instructor LED Online training
- Customized training
Yes, the access to the course material will be available for lifetime once you have enrolled into the course.
You will receive DASVM Technologies recognized course completion certification & we will help you to crack global certification with our training.
Yes, DASVM Technologies provides corporate trainings with Course Customization, Learning Analytics, Cloud Labs, Certifications, Real time Projects with 24x7 Support.
Yes, DASVM Technologies provides group discounts for its training programs. Depending on the group size, we offer discounts as per the terms and conditions.
We accept all major kinds of payment options. Cash, Card (Master, Visa, and Maestro, etc), Wallets, Net Banking, Cheques and etc.
DASVM Technologies has a no refund policy. Fees once paid will not be refunded. If the candidate is not able to attend a training batch, he/she is to reschedule for a future batch. Due Date for Balance should be cleared as per date given. If in case trainer got cancelled or unavailable to provide training DASVM will arrange training sessions with other backup trainer.
Your access to the Support Team is for lifetime and will be available 24/7. The team will help you in resolving queries, during and after the course.
Please Contact our course advisor +91-99003 49889. Or you can share your queries through info@dasvmtechnologies.com