Location:Main Road, Bangalore

Info@bangalorecourses.com

Aws Certified Security Specialty

Course

AWS CERTIFIED SECURITY SPECIALTY

Category

Amazon AWS IT Training

Eligibility

Job Aspirants

Mode

Both Classroom and Online Classes

Batches

Week Days and Week Ends

Duration :

30 to 45 days

Amazon AWS What will you learn?

•Build and deploy web applications Amazon AWS.
•Students will learn widely used Amazon AWS concepts
•Learn how to use conditional statements in Amazon AWS.
•How to write Amazon AWS from scratch (no experience required!)
•Learn or brush up with the basics of Amazon AWS
•Learn fundamentals of Amazon AWS for Beginners: Practical and hands-on learning
•Learn all about Amazon AWS from basic to advanced with interactive tutorials.
•Students will have a solid understanding on how to create Amazon AWS App.
•This course is designed for any graduates as well as Software Professionals who are willing to learn Amazon AWS.

aws certified security specialty Course Highlights

•Most comprehensive Industrry curriculum
•25+ projects for good Learning experience
•Software & others tools installation Guidance
•The courses range from basic to advanced level
•We Also provide Case studies for Online Training Courses
•Access to a huge closet containing information about Hadoop
•Every class will be followed by practical assignments which aggregates to minimum 60 hours.
•We help the students in building the resume boost their knowledge by providing useful Interview tips

Who are eligible for Amazon AWS

•Big Data, E-commerce, Cloud Computing, Sap, Erp, Application Programming, Web Development
•Java Developer, Front End Developer, Visionplus Developer, Automation Testing, Selenium/ Tosca Testing, Functional Testing, Mainframe Developer, Connex
•Java/J2EE, Springs, API, REST/, MySQL, Java, Admin UI developer with HTML/JavaScript/Ember.js, Java Enterprise Integration/ESB/API Management experts with Mule
•Sap, Process Executive, Hadoop Developer, Hadoop Architect, Sap Srm/snc Testing, Sap Pp / Qm Testing, Sap Ewm Testing, Sharepoint Developer, T24 Technical And
•Web Application Developers, Java Developers, DBA LEAD, DBA Manager, Asset Control developer, embedded software engineer, oracle applications technical

AWS CERTIFIED SECURITY SPECIALTY Syllabus

Getting started with the course
•Understanding AWS Security Specialty exams
•Domain 1 – Incident Response
•Introduction to Domain 1
•Case Study of Hacked Server
•Dealing with AWS Abuse Notice
•AWS GuardDuty
•Whitelisting Alerts in AWS GuardDuty
•Document – GuardDuty Alert Lists
•Centralized Dashboards for GuardDuty Findings
•Understanding Incident Response Terminology
•Incident Response Use-Cases for Exams
•Use Case – Dealing with Exposed Access Keys
•Use Case – Dealing with compromised EC2 Instances
•Incident Response in Cloud
•Penetration Testing in AWS (New)
•Quiz – Domain 1: Incident Response
•Notes – Domain 1
•Domain 2 – Logging & Monitoring
•Introduction to Vulnerability, Exploit, Payload
•VEP Practical – Hacking inside a test farm
•Understanding Automated Vulnerability Scanners
•Common Vulnerabilities Exposures & CVSS
•Introduction to AWS Inspector
•AWS Inspector Vulnerability Scans
•AWS Security Hub
•Overview of Layer 7 Firewalls
•Understanding AWS WAF
•Implementing AWS WAF with ALB
•Overview of AWS Systems Manager
•Configuring SSM Agent
•Overview of Sessions Manager
•SSM – Run Command
•Overview of Patch Manager
•Implementing Compliance and Patch Baselines
•EC2 Systems Manager – Parameter Store
•Understanding CloudWatch Logs
•Pushing Linux system logs to CloudWatch
•Document – CloudWatch Logs Policies
•CloudWatch Events
•AWS Athena
•Athena – Code Samples
•Overview of AWS CloudTrail
•Improved Governance – AWS Config 01
•Improved Governance – AWS Config 02
•Trusted Advisor
•CloudTrail – Log File Integrity Validation
•Document – S3 Log File Validation
•Digest Delivery Times
•Overview of AWS Macie (New)
•Creating our First Alert with AWS Macie (New)
•S3 Event Notification
•VPC Flow Logs
•Centralized Logging Architecture
•Cross-Account Logging for CloudTrail and Config
•Document – Centralized Logging Policy
•Quiz – Domain 2: Logging & Monitoring
•Notes – Domain 2
•Domain 3 – Infrastructure Security
•Implementing Bastion Hosts
•Introduction to Virtual Private Networks
•OpenVPN is Awesome
•OpenVPN – Part 02
•Overview of AWS VPN Tunnels
•Using AWS VPN for On-Premise to AWS connectivity
•Configuring first IPSec tunnel with OpenSwan – Part 01
•Configuring first IPSec tunnel with OpenSwan – Part 02
•VPC Peering
•VPC Endpoints
•VPC Endpoints – Architectural Perspective
•Gateway VPC Endpoints – Access Control
•Gateway Endpoint ACL (Resource)
•Understanding Interface VPC Endpoints
•Implementing Interface Endpoints
•Network ACL
•Understanding Stateful vs Stateless Firewalls
•Understanding Networking Sockets
•Revising Security Groups
•Connection of Security Group & NIC Cards
•Egress Rules – The Real Challenge
•IPTABLES & Instance Metadata
•IDS / IPS in AWS
•EBS Architecture & Secure Data Wiping
•Understanding the Content Delivery Networks
•Demo – CloudFront Distribution
•Understanding Edge Locations
•Deploying Cloudfront Distribution – Part 01
•Deploying Cloudfront Distribution – Part 02
•Understanding the Origin Access Identity
•Understanding importance of SNI in TLS protocol
•Overview of CloudFront Signed URLs
•Implementing CloudFront Signed URLs
•Real World example on DOS Implementation
•AWS Shield
•Mitigating DDOS Attacks
•Document – DDoS References
•Introduction to Application Programming Interface (API)
•Understanding the working of API
•Building Lambda Function for our API
•Building our first API with API Gateway
•Lambda & S3
•EC2 Key-Pair Troubleshooting
•EC2 Tenancy Attribute
•AWS Artifact
•Lambda@Edge
•Lambda@Edge Practical
•AWS Simple Email Service (SES) (New)
•DNS Resolution in VPC
•Notes – Domain 3
•Quiz – Domain 3: Infrastructure Security
•Domain 4 – Identity & Access Management
•Understanding AWS Organizations
•AWS Organizations – Practical
•Organizational Unit (OU) in AWS organization
•IAM Policy Evaluation Logic
•Identity and Resource Based Policies
•Understanding IAM Policies
•IAM Policies – Part 02
•Delegation – Cross Account Trust –
•Cross Account IAM Policy Document
•External ID in Delegation
•Revising IAM Role
•EC2 Instance Meta-Data
•Understanding working of an IAM role
•IAM – Version Element
•IAM Policy Variables
•Document – IAM Policy Variable
•Principal and NotPrincipal Element
•Document – Resource Policy for Principal Element
•Implementing NotPrincipal Element
•Document – NotPrincipal S3 Bucket Policy
•Conditionl Element
•Document – Condition Policy Examples
•AWS Security Token Service
•Understanding Federation – Part 01
•Understanding Federation – Part 02
•Document – ADFS with AWS
•Understanding SAML for SSO
•Overview of AWS Single Sign-On
•Implementing AWS SSO
•Integrating AWS SSO with AWS CLI
•AWS Cognito
•Understanding Active Directory
•Introduction to AWS Directory Service
•Domain Joining EC2 instance with Directory Service
•Document – Joining Linux Instance with SimpleAD
•Trusts in Active Directory
•IAM & S3
•S3 Bucket Policies
•Bucket Policy Document – Condition based on IP Address
•Cross Account S3 Bucket Configuration
•Document – Cross Account S3 Bucket Policy
•Canned ACL’s
•Understanding Presigned URLs
•S3 – Versioning
•S3 – Cross Region Replication
•IAM Permission Boundaries (New)
•Troubleshooting IAM Policies
•Document – Troubleshooting Policies
•Troubleshooting Answers – Solution 01
•Troubleshooting Answers – Solution 02
•Troubleshooting Answers – Solution 03
•Troubleshooting Answers – Solution 04
•Troubleshooting Answers – Solution 05
•Quiz – Domain 4: Identity & Access Management
•Notes – Domain 4
•Domain 5 – Data Protection
•Introduction to Cryptography
•Plain Text vs Encrypted Text Based Algorithms
•CloudHSM
•AWS Key Management Service
•AWS Key Management Service – Part 02
•AWS Key Management Service – Part 03
•AWS Key Management Service – Data Key Caching
•AWS Key Management Service – Scheduled CMK Deletion
•AWS Key Management Service – CMK Deletion & EBS Use-Case
•Reducing Risk of Unmanageable CMK
•KMS – Authentication and Access Control
•KMS Policy Evaluation Logic – Use Case Solution – 01
•Document – KMS Use Case 01
•KMS Policy Evaluation Logic – Use Case 02
•Document – KMS Use Case 02
•KMS Policy Evaluation Logic – Use Case Solution – 02
•KMS Policy Evaluation Logic – Use Case – 03
•Document – KMS Use Case 03
•KMS Policy Evaluation Logic – Use Case Solution – 03 (New)
•KMS Grants
•Document – KMS Grants Commands
•Importing Key Material to KMS
•Document – Imported Key Material Commands
•KMS ViaService
•Document – KMS ViaService Policy
•Migrating Encrypted KMS Data Across Regions
•Benefits of CloudHSM over KMS
•S3 Encryption
•Revising Classic Load Balancers
•Overview of Load Balancer Types
•Overview of Application Load Balancer
•Path Based Routing in ALB
•Revising ELB Listener Configuration
•ELB Listeners – Understanding HTTP vs TCP Listeners
•Understanding AWS Certificate Manager
•Deploying SSL/TLS certificate with ACM
•Configuring ELB with HTTPS for SSL Offloading
•Glacier Vault and Vault Lock
•DynamoDB Encryption
•Overview of AWS Secrets Manager
•RDS Integration with AWS Secrets Manager
•Encryption Context in KMS
•Document – Encrypted Context Commands
•Quiz – Domain 5: Data Protection
•Notes – Domain 5
•Important points for Exams
•Important Pointers – Domain 1
•Final Exam Practice Test – Domain 1
•Important Pointers – Domain 2
•Final Exam Practice Test – Domain 2
•Important Pointers – Domain 3
•Final Exam Practice Test – Domain 3
•Important Pointers – Domain 4