Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Amazon Web Services

AWS Security Incident Response Overview

Amazon Web Services and Amazon via AWS Skill Builder

Overview

Security Incident Response Overview is the first course in the Security Incident Response curriculum. This course is a prerequisite for interactive use cases that guide you through investigating common types of security incidents.

In Module One: Define Security Incident Response, you will be introduced to security incidents and the security incident response workflow. In Module Two: Use AWS Services to Investigate Security Incidents, you will discover how investigate security incidents using AWS services for each phase of the security incident response workflow.

-         Course level: Fundamental

-         Duration: 1 hour 40 minutes


Activities

This course includes interactive learning objects.


Course objectives

In this course, you will learn to do the following:

·        Define a computer security incident. 

·        Define incident response and the importance of having a process in place. 

·        List the cloud security incident domains.

·        Recognize the key differences of incident response in Amazon Web Services (AWS).

·        Explain the security incident response process for AWS.

·        State the purpose and goal of each phase of the security incident response process.

·        Identify appropriate AWS services to use for each phase of the security incident response process.

·        Describe how to use AWS services to investigate a security incident.

·        Locate training and resources for AWS services to investigate security incidents.


Intended audience

This course is intended for the following roles:

-         Security engineers

-         Security operations center (SOC) analysts, incident analysts (responders), and security operations (SecOps)

-         Security managers and security principals

 

Prerequisites

We recommend that attendees of this course have the following prerequisites:

-         AWS Security Fundamentals (Second Edition), which provides baseline training on how the AWS services work

 

Course outline

Module 1: Define Security Incident Response

Section 1: Navigation

- How to Use This Course

Section 2: Introduction

- Lesson 1: Welcome

Section 3: Security Incidents Overview

- Lesson 1: Security Incident Definition

- Lesson 2: Investigating Security Incidents

- Lesson 3: Security Incidents in the AWS Cloud

Section 4: Security Incident Response Workflow

- Lesson 1: Overview

- Lesson 2: Detect Phase

- Lesson 3: Analyze Phase

- Lesson 4: Contain Phase

- Lesson 5: Eradicate Phase

- Lesson 6: Recover Phase

Section 5: Conclusion

- Lesson 7: Contact Us

 

Module 2: Use AWS Services to Investigate Security Incidents

Topic 1: Introduction

- Lesson 1: How to Use This Course

- Lesson 2: Welcome

Topic 2: Use AWS Services for Security Incident Response

- Lesson 3: Overview

- Lesson 4: Detect with AWS

- Lesson 5: Analyze with AWS

- Lesson 6: Contain with AWS

- Lesson 7: Eradicate with AWS

- Lesson 8: Recover with AWS

- Lesson 9: Putting it All Together

 

Topic 3: Conclusion

- Lesson 10: Security Incident Response Resources

- Lesson 11: Contact Us

Reviews

5.0 rating, based on 2 Class Central reviews

Start your review of AWS Security Incident Response Overview

  • Anonymous
    Incident Response Lifecycle: The course provides a detailed breakdown of the phases of incident response, including preparation, detection and analysis, containment, eradication, recovery, and post-incident review. Each stage is explained in depth,…
  • Profile image for Getnet Seyoum Kibret
    Getnet Seyoum Kibret
    Its essential for deep understanding of cyber mitigation process and advanced threat detection against cyber attackers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.