AWS Security Speciality

Why Choose Garranto Academy for Your AWS Security Specialty Training ?

Opt for Garranto Academy for AWS Security Specialty training, offering top-notch courses that blend theoretical knowledge with practical skills, preparing you to excel in securing AWS environments effectively.

Course Overview:

The AWS Security Specialty course is a comprehensive 5-day program designed to equip participants with advanced knowledge and practical skills in securing AWS environments. Covering a range of security domains, participants will gain insights into topics such as management and governance, networking and content delivery, security identity and compliance, and various tools and services crucial for maintaining a secure AWS infrastructure. Labs and practical demonstrations are integrated throughout the course, ensuring hands-on application of security concepts.

What You'll Learn in Our AWS Security Specialty Certification Course ?

Course Objectives:

• Gain a deep understanding of cloud security principles, including AWS-specific security domains and topics.
• Learn about AWS's security features, secure global infrastructure, and compliance standards.
• Master AWS services for auditing, monitoring, compliance, and governance, including AWS Audit Manager, CloudTrail, CloudWatch, AWS Config, and more.
• Become proficient in securing network and content delivery in AWS, including Amazon VPC, Security Groups, WAF, and more.
• Explore AWS services like AWS Identity and Access Management (IAM), GuardDuty, Key Management Service (KMS), and more for identity management and compliance.
• Develop hands-on experience in using AWS CLI and SDK for managing AWS resources.

Prerequisites:

• Basic Networking Knowledge
• AWS Basic knowledge
• Firewall basic knowledge
• It would be great if you completed AWS 3 in 1 course of Shedil
• Multiple Firewall
• Encryption Technique
• CCNA-level knowledge Architectures

Course Outline:

Module 1: Introduction to Cloud Security:

• Security intro (Add Security domain & Topics)
• Security in AWS
• Secure global infrastructure and compliance
• shared responsibility and trusted advisor

Module 2: Management and Governance:

• AWS Audit Manager
• AWS CloudTrail
• Amazon CloudWatch
• AWS Config
• AWS Organizations
• AWS Systems Manager
• AWS Trusted Advisor

Labs Topics

• Select compliance & make an assessment
• Cloud trail with S3 with Athena
• Install CloudWatch Logs Agent on EC2 Instance and View CloudWatch Metrics
• AWS Access control alerts with CloudWatch and CloudTrail"
• Check the Compliance status of EBS Unencrypted using AWS Config. Detective
• AWS Organization & SSO (Demo)
• Access EC2 from Session Manager and send SSH logs to CloudWatch
• Check AWS Resources in Trusted Advisor

Module 3: Networking and Content Delivery:

• Amazon Detective
• AWS Firewall Manager
• AWS Network Firewall
• AWS Security Hub
• Amazon VPC
• VPC endpoints
• Network ACLs
• Security groups
• AWS WAF & Shield

Labs Topics

• Detail analysis by enabling AWS Security hub using the security standard
• Understanding and Configuring Layered Security in an AWS VPC
• Understanding Stateful vs Stateless Firewalls
• How to setup an AWS Site-to-Site (S2S) VPN Connection
• How to implement end-to-end VPC Endpoint service
• Understanding Lambda@Edge
• Implementing AWS WAF with ALB to block SQL Injection, Geo-Location, and Query string
• Blocking web traffic with WAF in AWS

Module 4: Security, Identity, and Compliance:

• AWS Certificate Manager (ACM)
• AWS CloudHSM
• AWS Directory Service
• Amazon GuardDuty
• AWS Identity and Access Management (IAM)
• Amazon Inspector
• AWS Key Management Service (AWS KMS)
• Amazon Macie
• AWS Single Sign-On

Labs Topics

• Create AWS public Certificate on sherdilitacademy.net and use on Load balancer with Apache
• AWS Directory Service - Working with Simple AD
• Work with AWS Guard duty
• Create users, groups, MFA, JSOn policies
• Find vulnerabilities on EC2 instances using Amazon Inspector
• KMS & CMK encryption & Decryption
• Discover sensitive data present in the S3 bucket using Amazon Macie
• Lab cover in AWS Organization

Module 5: Other Topics Covered In Exam:

• AWS CLI
• AWS SDK
• AWS Management Console
• Network analysis tools (packet capture and flow captures)
• SSH/RDP
• Signature Version 4 Signing
• TLS
• Infrastructure as code (IaC)
• Some demo and final projects

Labs Topics

• Working with cloud shell
• Working with Cloud SDK
• Virtual tour
• Demo
• Cloud formation deployment

Course Outcomes:

Upon completion of the course "AWS Security Speciality" participants will be able to:

• Have a strong foundation in AWS cloud security and governance.
• Be proficient in using AWS services for auditing, monitoring, and compliance.
• Understand the concepts and practices of network security in AWS.
• Be skilled in managing identity and access control through AWS IAM.
• Know how to utilize AWS CLI and SDK for resource management.
• Gain practical experience with network analysis tools for enhanced security.
• Comprehend infrastructure as code (IaC) and its application in AWS.
• Be well-prepared for the AWS certification exam.
• Have hands-on experience in AWS security and governance, suitable for real-world cloud security and compliance challenges.

Benefits of Becoming an AWS Security Specialty Certified Professional

Elevate your career and fortify cloud infrastructure with the AWS Security Specialty Certification, ensuring robust security solutions, compliance, and risk mitigation for unparalleled data protection.

How AWS Security Speciality Certification Can Transform Cloud Security ?

Transform your organization's cloud security landscape with AWS Security Specialty Certification, implementing advanced measures, and best practices to safeguard sensitive data and maintain regulatory compliance.