Back to Course

Introduction to AWS Security

0% Complete
0/0 Steps
  1. Introduction

    About the course and authors
  2. AWS cloud architecture
  3. Security concerns with our architecture
  4. Regions and Availability Zones (AZs)
  5. Shared responsibility in the cloud
  6. [Cheat Sheet] AWS Security Services
  7. Create a billing alert to avoid surprise bills
  8. Infrastructure Security
    VPC networks
  9. Default VPCs
  10. [DEMO] Creating VPCs and Subnets
  11. How many VPCs should you use?
  12. [DEMO] Subnet, Route Table, and Gateway Configurations
  13. [LAB] [Challenge] Create a VPC with public and private subnets
  14. [LAB] Launching an EC2 instance
  15. [DEMO] Security Groups (SGs)
  16. Security Groups Best Practices
  17. [DEMO] Network Access Control Lists (NACLs)
  18. [Cheat Sheet] SGs vs. NACLs
  19. [LAB] [Challenge] Configure security groups and NACLs to specific requirements
  20. Elastic Load Balancers
  21. [DEMO] AWS WAF
  22. [LAB] [Challenge] Deploy AWS WAF ACL for Application Load Balancer
  23. [DEMO] AWS Network Firewall - Part 1
  24. [DEMO] AWS Network Firewall - Part 2
  25. AWS Shield for DDoS Protection
  26. AWS Firewall Manager
  27. Identity and Access Management (IAM)
    Key Concepts of IAM in AWS
  28. [DEMO] Getting started with IAM in AWS
  29. [DEMO] Creating our first admin user
  30. Assigning permissions with policies
  31. [Cheat Sheet] Anatomy of an AWS IAM Policy
  32. [DEMO] Using Identity Center AWS SSO
  33. IAM Roles
  34. [DEMO] Creating a role for EC2 instances to access S3 buckets
  35. End-User Management with Amazon Cognito
  36. IAM Access Analyzer
  37. [DEMO] IAM Access Analyzer Unused Access
  38. [LAB] Check policies for new access before deployment with IAM Access Analyzer
  39. [LAB] Check IAM policies against a deny list with IAM Access Analyzer
  40. Data Protection
    Data protection in the cloud
  41. EBS Data Protection and Encryption
  42. [LAB] Encrypt Existing Unencrypted EBS Volumes and Snapshots
  43. Amazon RDS Data Protection and Encryption
  44. Key Management with AWS KMS
  45. [Cheat Sheet] Getting Started with AWS KMS
  46. [DEMO] Creating a Symmetric Encryption KMS Key
  47. [Cheat Sheet] Encrypt and Decrypt Data with KMS and Data Keys
  48. [LAB] Encrypt and Decrypt Data with KMS and Data Keys
  49. Amazon S3 Bucket Protection
    Understanding Bucket Ownership
  50. [LAB] Creating Buckets and Uploading Objects in S3
  51. Managing Access to Buckets
  52. [Cheat Sheet] S3 Bucket Policies vs. ACLs vs. IAM Policies
  53. [LAB] [Challenge] Create an IAM role for secure access to S3 based on a scenario
  54. Using Signed URLs
  55. [LAB] S3 Presigned URLs
  56. Encrypting S3 Data
  57. [DEMO] Enable S3 Object Versioning
  58. [Cheat Sheet] Amazon S3 Protection Summary
  59. [Cheat Sheet] Create a least privilege S3 bucket policy
  60. Logging, Monitoring, and Incident Response
    AWS Log Types and Auditing Options
  61. [DEMO] Enable S3 Server Access Logs
  62. AWS CloudTrail
  63. Amazon CloudWatch
  64. [DEMO] CloudTrail Security Automation with CloudWatch Logs and SNS
  65. [DEMO] Amazon VPC Flow Logs
  66. Proper Logging and Monitoring
  67. Amazon GuardDuty
  68. [LAB] [DEMO] Enable Threat Detection with GuardDuty
  69. [DEMO] Amazon EventBridge
  70. AWS Config
  71. AWS Systems Manager
  72. [LAB] Secure EC2 Access with SSM Session Manager and KMS
  73. [DEMO] AWS Config Automated Remediation with SSM
  74. [LAB] Remediate Open SSH Security Groups with AWS Config and SSM
  75. Amazon Detective
  76. [LAB] [DEMO] Amazon Inspector
  77. [DEMO] Amazon Macie
  78. [DEMO] AWS Security Hub
  79. [DEMO] Must-have AWS monitoring and alerting with SSK
  80. Multi-Account Security
    [DEMO] AWS Organizations
  81. [DEMO] AWS SCPs and Management Policies
  82. AWS Control Tower
  83. Wrap-up and Key Takeaways
    What did you think of the course?
  84. What now?
Lesson 85 of 84
In Progress

Protecting Logs

Christophe October 18, 2022

Lesson available soon

Responses

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.