AWS Security and Networking Training in India

Module 4  : Amazon  S3   ( Hands on lab by students)

• AWS s3- Overview and pricing
• Create Bucket  and Folder
• Upload, download, share and delete object
• File Versioning
• Cross Region Replication
• Setting s3 life cycle policy
• Create static Website in s3
• S3 Transfer Acceleration
• S3 security and encryption
• Logging and monitoring of S3 events
• Delete Bucket

Module 5  : AWS Cloudfront ( Hands-on laby by students )

• Cloudfront overview and pricing
• Create a origin bucket for cloudfront
• Upload file to origin bucket
• Create CDN distribution and use origin bucket
• Access files through Cloudfront distribution
• Setting up Geo restrictions
• Signed urls

Module 6 : Amazon Elastic Load Balancing (ELB)   ( Hands on lab by students)

Lab 6.1

• Launch Two Ubuntu EC2 Instances- apache web servers with user data
• Edit HTML files to both the servers
• Test your web Servers through internet

Lab 6.2

• Create Elastic Load Balance
• Add both the Ubuntu servers to ELB
• Test your Elastic Load Balancer
• Delete your Elastic Load Balancer

Module 7 : AWS Route53 – Demo by Trainer

• What is Route53
• Route-53 demo integration with ELB you created ( Performed by Instructor only)
• Geo-location policy

Module 8  : AWS – IAM (Identity and Access Management) concepts and Handosn

• What is IAM? – A comprehensive introduction
• Getting started with IAMs

IAM   user- groups ( Hands on lab by students)

• Creating a user and group
• Adding a user to the group
• Password policy setup for users
• Attaching policy to users
• Enabling dual /Multi  factor authentication to the users

IAM roles    ( Hands on lab by students)

• Creating a IAM role and assign s3 full access policy
• Launching a EC2 instance using a S3 full access role
• AWS CLIinstall and create s3 bucket using cli, upload file and delete bucket from s3
• Deleting a role
• S3 bucket level policy setup

Module 9 : AWS cloud watch  - concepts and Handson lab by students

• AWS cloud watch overview
• Configure ec2 logging agent
• Cloudwatch Log-group

Module 10 : AWS security concepts

• AWS shared security responsibility model
• Shared security model for Infrastructure services
• Shared security model for container services
• Shared security model for abstracted services
• Protecting data at rest in ec2, ebs, s3, RDS, Glacier, DynamoDB,and EMR
• Securing Your VPC
• Security moniroting, alerting and audit trail

Module 11 :AWS security tools – hands on Labs

• Trusted advisor
• Cloud trail
• AWS config
• AWS App config
• AWS well architected Tool concepts
• Key Management services for EBS encryption

Module 12:  Penetration testing on AWS cloud – live demo by Trainer

• Penetration Testing of EC2 Instances using Kali Linux
• Elastic Block Stores pen testing.
• Deleted Data
• Reconnaissance - Identifying Vulnerable S3 Buckets
• Exploiting Permissive S3 Buckets
• Identity Access Management on AWS
• Security and Pentesting of AWS Lambda
• Pentesting and Securing AWS RDS
• Using Pacu for AWS Pentesting

Addon Topics on Security : ( hands-on-lab-by students)

• Athena overview and quick lab
  • analyze data in Amazon S3 using standard SQL.
• Macie overview and lab
  • Generate report of s3 services any unencrypted and publicly accessibly buckets
• GuardDuty
  • Analyze events published on cloud trail or vpc flow logs
• SecurityHub overview and demo by trainer
• Network packet inspection concepts
• Cloud HSM concepts
• WAF concepts
• Case studies
• KMS -service : use for EBS volume encryption
• AWS Cognito service- overview and features

Addon Topics on Networking : ( concepts only introduction to services and usecase )

• BGP concepts
• CloudHub
• Network cost management and optimization
• Placement groups- Optimizing network performance
• Case studies