AWS Security Training

Description:

This 4-day training provides a comprehensive exploration of security in AWS environments, blending theoretical concepts with hands-on practice. Participants start by understanding the shared responsibility model, encryption fundamentals, and identity management with IAM before moving into service-level security for compute, storage, databases, and networking.

Learners will practice setting up IAM policies and roles, configuring secure EC2 instances, managing S3 encryption, and designing secure VPC architectures with ACLs, Security Groups, and Flow Logs. Modules also cover database security with RDS, Aurora, and DynamoDB, as well as monitoring and auditing using CloudTrail and CloudWatch.

Advanced topics include AWS Key Management Service (KMS) for encryption, cross-account access, AWS Organizations, Cognito for identity federation, and mitigation strategies for DDoS attacks. Participants will also be introduced to security tools such as AWS Inspector, as well as incident response planning and penetration testing approaches.

By the end of this training, participants will have a solid grasp of AWS security capabilities, enabling them to design and manage secure architectures, monitor compliance, and respond effectively to incidents. The course is highly recommended for professionals seeking to strengthen their AWS security expertise or prepare for AWS Security-related certifications.

Duration: 4 Days

Course Code: BDT 518

Learning Objectives:

After this training, participants will be able to:

1. Implement AWS security services (IAM, KMS, CloudTrail)
2. Design secure architectures across AWS services
3. Apply encryption, monitoring, and governance best practices
4. Respond to incidents and manage compliance requirements

1. Security Engineers and Architects
2. Cloud Engineers managing secure AWS workloads
3. DevOps Engineers focused on security
4. IT professionals preparing for AWS Security certification

1. Basic AWS knowledge
2. Understanding of networking fundamentals
3. Awareness of cloud security principles
4. AWS Free Tier account for labs

Course Outline:

Module 1: AWS Overview

• AWS History
• Global Infrastructure
• Free Tier Setup

Module 2: IAM

• IAM Basics
• Billing Alarm Lab
• IAM Policies and Roles

Module 3: EC2 Security

• Launching EC2
• Security Groups
• EBS Encryption
• Load Balancers
• EC2 Metadata

Module 4: VPC Security

• Custom VPC Lab
• NACLs vs Security Groups
• VPC Flow Logs
• Endpoints
• DDoS Mitigation

Module 5: Database Security

• RDS Backups and Multi-AZ
• DynamoDB
• Aurora
• Redshift Security

Module 6: Encryption and KMS

• KMS Basics
• Encrypt/Decrypt Keys
• S3 with KMS
• Importing Key Material

Module 7: Security Perspective

• Shared Responsibility
• Incident Response
• Penetration Testing
• Inspector

Module 8: IAM Advanced

• Cross Account Roles
• Organizations
• Cognito
• S3 Pre-Signed URLs

Module 9: Monitoring and Logging

• CloudTrail
• CloudWatch Logs
• KMS Monitoring

Training material provided: Yes (Digital format)