Overview
Learn how to efficiently use AWS security services to stay secure in the AWS cloud.
This AWS-SEC: Security Engineering on AWS course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud and prepares learners for the AWS Certified Security – Specialty certification course.
This AWS certification highlights the security features of AWS key services including compute, storage, networking, and database services. Attendees will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents.
Trainocate is an AWS Authorized Training Partner as well as the AWS Global Training Partner of the Year 2022 is trusted by AWS to offer, deliver, and/or incorporate official AWS Training, including classroom and digital offerings. Whether your team prefers to learn from live instructors, on-demand courses, or both, ATPs offer a breadth of AWS Training options for learners of all levels.
Skills Covered
In this course, you will learn how to:
- Assimilate and leverage the AWS shared security responsibility model
- Architect and build AWS application infrastructures that are protected against the most common security threats
- Protect data at rest and in transit with encryption
- Apply security checks and analyses in an automated and reproducible manner
- Configure authentication for resources and applications in the AWS Cloud
- Gain insight into events by capturing, monitoring, processing, and analyzing logs
- Identify and mitigate incoming threats against applications and data
- Perform security assessments to ensure that common vulnerabilities are patched and security best practices are applied
Who Should Attend
This course is designed for security engineers, security architects, cloud architects, and cloud operators working across all global segments who would like to learn more about how to use AWS security services including AWS Control Tower, AWS Secrets Manager, Amazon CloudWatch, Amazon GuardDuty, and more, to take their security operations to the next level and to stay secure in the AWS Cloud.
Job roles:
- Security engineers
- Security architects
- Information security
Course Curriculum
Prerequisites
We recommend that attendees of this course have the following prerequisites:
- AWS-CLDPE: AWS Cloud Practitioner Essentials
- AWS-SE: AWS Security Fundamentals
- AWS-ARC: Architecting on AWS
- Working knowledge of IT security practices and infrastructure concepts
- Familiarity with cloud computing concepts
Download Course Syllabus
Course Modules
- Security in the AWS cloud
- AWS Shared Responsibility Model
- Incident response overview
- DevOps with Security Engineering
- Identify the different ways to access the AWS platform
- Understanding IAM policies
- IAM Permissions Boundary
- IAM Access Analyzer
- Multi-factor authentication
- AWS CloudTrail
- Lab 01: Cross-account access
- Threats in a three-tier architecture
- Common threats: user access
- Common threats: data access
- AWS Trusted Advisor
- Amazon Machine Images
- Amazon Inspector
- AWS Systems Manager
- Lab 02: Using AWS Systems Manager and Amazon Inspector
- Data protection strategies
- Encryption on AWS
- Protecting data at rest with Amazon S3, Amazon RDS, Amazon DynamoDB
- Protecting archived data with Amazon S3 Glacier
- Amazon S3 Access Analyzer
- Amazon S3 Access Points
- Amazon VPC security considerations
- Amazon VPC Traffic Mirroring
- Responding to compromised instances
- Elastic Load Balancing
- AWS Certificate Manager
- Amazon CloudWatch and CloudWatch Logs
- AWS Config
- Amazon Macie
- Amazon VPC Flow Logs
- Amazon S3 Server Access Logs
- ELB Access Logs
- Lab 03: Monitor and Respond with AWS Config
- Amazon Kinesis
- Amazon Athena
- Lab 04: Web Server Log Analysis
- AWS Site-to-Site and Client VPN connections
- AWS Direct Connect
- AWS Transit Gateway
- Amazon Route 53
- AWS WAF
- Amazon CloudFront
- AWS Shield
- AWS Firewall Manager
- DDoS mitigation on AWS
- Amazon Cognito
- Amazon API Gateway
- AWS Lambda
- Amazon GuardDuty
- AWS Security Hub
- Amazon Detective
- AWS KMS
- AWS CloudHSM
- AWS Secrets Manager
- Lab 05: Using AWS KMS
- AWS CloudFormation
- AWS Service Catalog
- Lab 06: Security automation on AWS with AWS Service Catalog
- AWS Organizations
- AWS Control Tower
- AWS SSO
- AWS Directory Service
- Lab 07: Federated Access with ADFS
Request More Information
Training Options
- ILT: Instructor-Led Training
- VILT: Virtual Instructor-Led Training
Exam & Certification
AWS Certified Security – Specialty (SCS-C02)
Validate your technical skills and expertise with an industry-recognized credential and grow your career.
This credential helps organizations identify and develop talent with critical skills for implementing cloud initiatives. Earning AWS Certified Security – Specialty validates expertise in securing data and workloads in the AWS Cloud.
Training & Certification Guide
The AWS Certified Security – Specialty is intended for individuals who perform a security role with at least two years of hands-on experience securing AWS workloads.
- Domain 1: Incident Response 12%
- Domain 2: Logging and Monitoring 20%
- Domain 3: Infrastructure Security 26%
- Domain 4: Identity and Access Management 20%
- Domain 5: Data Protection 22%
- An understanding of specialized data classifications and AWS data protection mechanisms
- An understanding of data encryption methods and AWS mechanisms to implement them
- An understanding of secure Internet protocols and AWS mechanisms to implement them
- A working knowledge of AWS security services and features of services to provide a secure production environment
- Competency gained from two or more years of production deployment experience using AWS security services and features
- Ability to make tradeoff decisions with regard to cost, security, and deployment complexity given a set of application requirements
- An understanding of security operations and risk
- At least two years of hands-on experience securing AWS workloads
- Security controls for workloads on AWS
- A minimum of five years of IT security experience designing and implementing security solutions
65 questions; either multiple choice or multiple response
AWS-ADV-DEV: Advanced Developing on AWS
This three-day AWS-ADV-DEV: Advanced Developing on AWS course covers advanced development topics such as architecting for a cloud-native environment and deconstructing on-premises legacy applications and repackaging them into cloud-based, cloud-native architectures. It also covers how to apply the tenets of the Twelve-Factor Application methodology.
AWS-ARC: Architecting on AWS
The AWS-ARC: Architecting on AWS training course is intended for solutions architects, solution-design engineers, and developers seeking an understanding of AWS architecting. In this AWS Architect training course, you will learn to identify services and features to build resilient, secure and highly available IT solutions on the AWS Cloud.
AWS-ADVARC: Advanced Architecting on AWS
In this AWS-ADVARC: Advanced Architecting on AWS training course, each module presents a scenario with an architectural challenge to be solved. You will examine available AWS services and features as solutions to the problem. You will gain insights by participating in problem-based discussions and learning about the AWS services that you could apply to meet the challenges.
AWS-AWABP: Advanced AWS Well-Architected Best Practices
This interactive AWS-AWABP: Advanced AWS Well-Architected Best Practices course provides a deep dive into Amazon Web Services (AWS) best practices to help you perform effective and efficient AWS Well-Architected Framework Reviews. The course covers the phases of a review, including how to prepare, run, and get guidance after a review has been performed. Attendees should have familiarity with the AWS concepts, terminology, services, and tools that are covered in the intermediate, 200-levelAWS Well-Architected Best Practices.
AWS-DEVOPS: DevOps Engineering on AWS
The AWS-DEVOPS: DevOps Engineering on AWS training course teaches you how to use the combination of DevOps cultural philosophies, practices, and tools to increase your organization’s ability to develop, deliver, and maintain applications and services at high velocity on AWS. This course covers Continuous Integration (CI), Continuous Delivery (CD), infrastructure as code, microservices, monitoring and logging, and communication and collaboration.
AWS-COA: Cloud Operations on AWS
This AWS-COA: Cloud Operations on AWS course teaches systems operators and anyone performing cloud operations functions how to manage and operate automatable and repeatable deployments of networks and systems on AWS. You will learn about cloud operations functions, such as installing, configuring, automating, monitoring, securing, maintaining, and troubleshooting these services, networks, and systems.
AWS-SBP: AWS Security Best Practices
Learn to design and implement secure solutions from an expert AWS instructor.
This course helps you understand your responsibilities while providing valuable guidelines for how to keep your workload safe and secure. You will learn how to secure your network infrastructure using sound design options. You will also learn how you can harden your compute resources and manage them securely.
AWS-SGS: AWS Security Governance at Scale
Learn to retire manual processes through AWS security and governance services and concepts.
In this AWS-SGS: AWS Security Governance at Scale course, you will learn how to facilitate developer speed and agility, and incorporate preventive and detective controls. By the end of this course, you will be able to apply governance best practices.
Certification is the one of the best ways to validate your cloud skills. And AWS Certifications are industry-recognized credentials. And AWS Certifications, in particular, are industry-recognized credentials that showcase your expertise in the AWS Cloud. This e-book provides an overview of what you need to know to earn an AWS Certification, acting as your guide throughout the process. It will help you determine which AWS Certifications are right for you and show you how to prepare for and obtain them.
Training and Certification for your Machine Learning Journey
Organizations are struggling to find data scientists and developers with machine learning experience. Learn how you can become the machine learning problem-solver others look to. In this eBook, we’ll review the promise of machine learning and how innovations in training and certification give developers and data scientists an advantage by equipping them with the skills to help their organizations achieve success.
Innovate Securely and Confidently with AWS Training and Certification
Across nearly every industry, organizations are discovering a greater need to empower every employee with cloud security skills. This e-book will guide you on how AWS Training and Certification can help your organization innovate securely and confidently by offering flexible in-demand digital training that can help your teams build security skills quickly and comprehensively.
How people are bringing the possibilities of purpose-built databases to life
It’s time to push the limits of innovation by building your database of skills. The power of data has grown at an exponential rate over the last several years. It has created a new universe of possibilities for applications, services and beyond. In this e-book, we’ll introduce you to effective methods of building your database skills. We’ll help you start your journey and propel you into this new universe of data empowering you to explore and innovate throughout the ever-growing expanse of purpose-built database possibilities.
Accelerate Your Modernization Journey
Develop skills in designing, building and managing modern applications. As companies look to become more agile so they can innovate and respond to change faster and innovate rapidly, this inadvertently requires a different kind of application than what was common years ago. This e-book gives you insights on the importance of training and skilling to accelerate your company’s digital transformation.
Accelerate Migration with Comprehensive Cloud Skills Enablement
As benefits of the cloud like speed, scale and modernization have become more widely understood, the conversation at many organizations has shifted from “why cloud?” to “which cloud?” Thousands of companies, including GE, The Coca-Cola Company, BP, Enel, Samsung, News Corp, and 21st Century Fox, have found their answer with AWS.
AWS also helps provide the answer to another critical questions in your cloud journey: “How to get to the cloud in the fastest, most efficient way possible?” A transformative migration is now within your reach. Now you can learn how you can migrate with your confidence by building your team’s cloud skills with AWS Training and certification by downloading this e-book.
10 Reasons to learn the AWS Cloud
It does not matter you’re new to AWS Cloud services, seeking to update your cloud skills, or exploring a cloud-first strategy for your organization it’s time to make a plan. Download this free E-Book and learn how AWS Training can help you better understand how the AWS Cloud works and how you can troubleshoot with confidence and skill
Adopting Multicloud Strategies in Malaysia: A 2024 Roadmap
Looking to implement multicloud strategies Malaysia? Cut through the noise with this focused guide. You’ll gain essential insights into creating a multicloud approach that addresses cost-efficiency, performance excellence, and seamless scalability. Understand the landscape with real-world Malaysian case studies, strategies to overcome interoperability, and ways to stay ahead of fast-evolving cloud trends. This article is your gateway to mastering multicloud strategies in the Malaysian digital terrain.
Frequently Asked Questions
Build credibility
- Skills validation – Earning AWS Certified Security – Specialty shows your expertise in incident response, logging and monitoring, infrastructure security, identity and access management, and data protection on the AWS platform.
- Confidence – Feel confident you can design and implement cloud security solutions on AWS. The AWS Certified Security – Specialty certification validates that you meet the bar set by experts in AWS security solutions.
- Best practices – Showcase your expertise in best practices for securing your data and workloads in the AWS Cloud.
Discover more opportunities
- Recognition – With a digital badge that verifies your achievement, AWS Certified Security – Specialty indicates expertise in securing data and workloads in the AWS Cloud.
- Differentiate your skill set – Differentiate your AWS security expertise with a credential that represents your ability to understand security risks, secure your production environment, and detect and automate responses to security alerts.
AWS Classroom Training is developed by the experts at AWS to empower learners at all levels. AWS Authorized Instructors lead
immersive, hands-on classes that equip your teams with skills to innovate confidently and deliver results for your organization.*
Choose official AWS Training
Your teams will receive official AWS Training, learning fromcurriculum designed by the experts at AWS. Our courses are based on real-world customer scenarios and our teams’ firsthand knowledge of how and where customers need help building in the AWS Cloud. AWS Classroom Training is the only training authored by AWS and delivered by expert AWS Authorized Instructors.
Come with questions
leave with answers Instructors with deep technical knowledge will help your teams break down complex topics, address specific areas of concern, and provide constructive feedback in real time.
Get hands-on
Your teams will practice new skills in a real AWS environment. They’ll learn AWS on AWS, with opportunities to complete hands-on labs while using AWS services via the AWS Management Console and AWS Command Line Interface (CLI).
Improve bottom-line results
Cloud skills training can lead to faster time to market, increased profitability, lower business risk, and higher employee engagement.3 AWS Classroom Training helps you achieve these benefits and more—quickly and comprehensively—by enabling your teams to develop essential, in-demand cloud skills in a supportive and interactive environment. As your teams develop cloud fluency, AWS Classroom Training can also lead to more effective collaboration and faster innovation through a shared understanding.
Attract, develop, and retain top talent
The cost of reskilling an existing employee is estimated to be 23% cheaper than hiring a new employee.4 It can help you retain your employees by investing in their professional growth with training that can propel their careers. And it empowers your staff to leverage the foundational skills and knowledge they already have as they transition to cloud roles.
AWS Certified Security – Specialty is intended for individuals who perform a security role and have at least two years of hands-on experience securing AWS workloads. Before you take this exam, we recommend you have:
- Five years of IT security experience in designing and implementing security solutions and at least two years of hands-on experience in securing AWS workloads
- Working knowledge of AWS security services and features of services to provide a secure production environment and an understanding of security operations and risks
- Knowledge of the AWS shared responsibility model and its application; security controls for workloads on AWS; logging and monitoring strategies; cloud security threat models; patch management and security automation; ways to enhance AWS security services with third-party tools and services; and disaster recovery controls, including BCP and backups, encryption, access control, and data retention
- Understanding of specialized data classifications and AWS data protection mechanisms, data-encryption methods and AWS mechanisms to implement them, and secure internet protocols and AWS mechanisms to implement them
- Ability to make tradeoff decisions with regard to cost, security, and deployment complexity to meet a set of application requirements
To earn this certification, you’ll need to take and pass the AWS Certified Security – Specialty exam (SCS-C01). The exam features a combination of two question formats: multiple choice and multiple response. Additional information, such as the exam content outline and passing score, is in the exam guide.
The AWS Certified Security – Specialty exam validates technical skills and experience in securing and hardening workloads and architectures on the AWS platform. Attendees with two or more years of hands-on experience designing and deploying cloud architecture on AWS should join this half-day AWSER-SECURITY: Exam Readiness: AWS Certified Security – Specialty course to learn how to prepare for the exam. We’ll help you prepare by exploring the exam’s topic areas and mapping them to specific areas to study. We’ll review sample exam questions in each topic area, teaching you how to interpret the concepts being tested so that you can better eliminate incorrect responses.
AWS Training and Certification helps you build and validate your cloud skills so you can get more out of the cloud. We offer both digital and classroom training—delivered virtually and in person—so you can choose to learn online at your own pace or learn best practices from an instructor. AWS Training and Certification offers prescriptive learning paths to get you started quickly. Progress along the path from foundational to intermediate training, and then dive deeper with advanced training to continue your learning.
Trainocate Malaysia offers technical role-based learning paths for architects, developers, and operations staff. We also offer a Cloud Practitioner learning path for business decision makers who want to learn AWS Cloud fundamentals. Additional solutions-based learning paths focus on topics like machine learning, storage, data analytics, and security.
You will learn directly from AWS experts who have domain experience and access to the latest AWS Cloud products, services, and teaching methods. This training will increase your credibility as someone who uses and makes decisions about cloud services. Building clouds skills through high-quality digital training can also support the credibility of your entire organization. When your technologists and strategists are well trained in cloud skills, they can more easily project confidence about your cloud strategy.
AWS Certification helps learners build credibility and confidence by validating their cloud expertise with an industry-recognized credential and organizations identify skilled professionals to lead cloud initiatives using AWS. Just like learning music theory enables you to jam, a strong grounding in cloud principles empowers you to creatively explore cloud options.
Having the skills and insight to act upon your creativity and inspiration is essential to discovering new business opportunities in the cloud and helping your organization innovate. You’ll be able to experiment with AWS Cloud services, quickly testing products and implementing strategies to determine what best delivers your organizational goals.
You don’t need to be a technologist to benefit from learning cloud basics. By learning the AWS Cloud, you’ll gain first-hand knowledge of how the cloud can support greater efficiency, flexibility, and opportunity for both you and your organization.
You’ll also gain confidence in your ability to consider cloud options, so you’re better informed when making business and management decisions involving the cloud. By investing in training, organizations can accelerate cloud adoption, achieve business objectives sooner, and overcome concerns related to cloud adoption. Also, comprehensively trained organizations are nearly three times more likely to use the cloud to jump-start innovation. They’re also nearly four times more likely to meet cloud ROI requirements, and over four times more likely to overcome operational and performance concerns.
Learn about each AWS Certification in our AWS Training and Certification blog post. To answer that question, you’ll need to consider your role and honestly evaluate your existing level of experience and knowledge across various areas of technical and cloud expertise. AWS offers four categories of certifications, three of which correspond to the amount of experience you have with the AWS Cloud. For Specialty certifications, the amount of recommended experience varies by certification.