AWS Combo Course (Architect Associate + Security-Specialty) aims to help you get through AWS certification (Fundamental + Advanced level) in the first attempt. It has been designed to help you learn how to architect, deploy secure and robust applications on AWS Cloud, and train you on the major components in AWS technology. This course will help you to enhance your overall AWS architecture knowledge. It will give you opportunities to look into various Real-World scenarios so that you can understand the reasons behind the hacking of the websites and how to deal with such situations. You will be able to:

• Define and design architectural solutions on the basis of customer requirements,
• Offer best implementation practices and guidance throughout the project life-cycle.
• Understand the reasons behind the hacking of the websites and how to deal with such situations
• Become a qualified AWS security specialist eligible enough to handle the real-world environment.

Along with the right kind of theoretical knowledge to achieve the certification, you will also receive hands-on experience working with cloud computing during this AWS architect training.

AWS Certified Solutions Architect – Associate

• Introduction to Cloud Computing
• Virtualization Concepts
• Amazon Web Services (AWS) Overview
• AWS Compute Services
  • Elastic Compute Cloud
  • Light Sail
  • Elastic Beanstalk
  • Lambda
  • Overview of Other Compute Services
• AWS Command Line Interface (CLI)
• AWS Storage Services
  • Simple Storage Service (AWS S3)
  • S3 Glacier storage
  • Elastic Block Storage (EBS) Volumes
  • Elastic File System (EFS)
  • AWS FSx
  • AWS Storage Gateway
  • AWS Snowball
• AWS Database Services
  • Relational Database Service (RDS)
  • Dynamo DB
  • Elasticache
  • Other database services
• Migration & Transfer
  • AWS Server Migration Service
  • AWS Database Migration Service
• Networking & Content Delivery
  • Virtual Private Cloud (VPC)
  • CloudFront CDN
  • Global Accelerator
  • Route 53 DNS
• Management & Governance
  • AWS Organizations
  • CloudWatch Monitoring
  • Auto Scaling
  • Cloud Trail
  • Cloud Formation
  • Overview of Other Services
• Security, Identity & Compliance
  • Identity access management (IAM)
  • AWS Certificate Manager
  • AWS Directory Services
  • AWS Organizations
  • AWS WAF & Shield
  • DDoS Mitigation Strategies & Penetration Testing
  • AWS KMS & Cloud HSM
  • AWS Cognito
  • AWS Trusted Advisor
  • Overview of Other Services
• Load Balancing & Auto Scaling
• Application Integration
  • SNS
  • SQS
  • SWF
• End-User Computing
  • Workspaces
  • App stream
  • Workdocs
• Other application Services
  • AWS SQS
  • AWS SNS
  • Kinesis
• AWS Well-Architected Framework
  • 1st pillar: Operational Excellence
  • 2nd pillar: Security
  • 3rd pillar: Reliability
  • 4th pillar: Performance Efficiency
  • 5th pillar: Cost optimization
• Best Security practices & DR

AWS Certified Security – Specialty Training (SCS-C01)

Cloud Security Introduction

• Cloud Security fundamentals
• AWS security model
• Shared Responsibility
• Exam Outline

Domain 1: Incident Response

• Given an AWS abuse notice, evaluate the suspected compromised instance or exposed access keys.
• Preparation stages for incident response
• Mitigation steps to perform Incident response steps
• Verify that the Incident Response plan includes relevant AWS services.
• Dealing with exposed access keys
• Evaluated suspected compromised EC2 Instances
• Evaluate the configuration of automated alerting, and execute possible remediation of security-related incidents and emerging issues.
• AWS Guard duty
• Penetration testing

Domain 2: Logging and Monitoring

• Design and implement security monitoring and alerting.
• Design and implement a logging solution.
• Continuous Security Monitoring
• Introduction to Vulnerability Assessment
• AWS Inspector
• AWS Inspector Assessment targets
• AWS EC2 systems manager
• AWS Config
• Understanding CloudWatch
• VPC Flow Logs
• CloudWatch Events
• AWS Cloud Trail
• AWS Macie
• AWS Detective
• AWS Security Hub
• S3 Event notifications
• Trusted advisor recommendations
• Troubleshoot security monitoring and alerting.
• Troubleshoot logging solutions.

Domain 3: Infrastructure Security

• Design edge security on AWS.
• Design and implement a secure network infrastructure.
• AWS Organizations
• Managing OUs
• CloudFront
• AWS CloudFront Custom SSL
• Firewalls
• Security groups
• Network ACLs
• IPS/IDS concepts in cloud
• AWS Web Application Firewall (WAF)
• AWS Shield concepts
• DDoS Mitigation
• Network Segmentation
• Bastion Hosts
• Virtual Private Cloud (VPC)
• VPC Endpoints
• EC2 Tenancy
• Compliance Frameworks
• AWS lambda fundamentals
• AWS Simple Email Service
• AWS Route53 DNS
• Troubleshoot a secure network infrastructure
• Design and implement host-based security

Domain 4: Identity and Access Management

• Design and implement a scalable authorization and authentication system to access AWS resources.
• Understand the Principle of Least Privilege
• IAM Policies
• IAM JSON Policy Elements
• IAM Roles
• IAM Permission boundaries
• Evaluating effective permissions
• Understanding Delegation
• Cross account policies & roles
• Understanding Federation
• AWS Directory services
• AWS Organizations
• Single Sign-On
• SAML Overview Concepts
• S3 Security
• Cross Account S3 access
• S3 Versioning
• S3 MFA delete
• AWS License manager
• Troubleshoot an authorization and authentication system to access AWS resources.

Domain 5: Data Protection

• Design and implement key management and use
• Cryptography fundamentals
• Cloud Hardware Security Module (HSM)
• AWS Key Management Service (KMS)
• Envelope Encryption
• KMS Authentication and Access Control
• CloudTrail and Encryption
• EBS Architecture and Secure Data Wiping
• S3 Encryption
• AWS Certificate Manager
• ELB- ALB and NLB
• Docker and container security fundamentals
• AWS Glacier
• Troubleshoot key management.
• Design and implement a data encryption solution for data at rest and data in transit.