In this course, you will learn how Amazon Web Services (AWS) offerings can be used to assist with U.S. federal and U.S. Department of Defense (DoD) security and compliance requirements. This course supplements the Cloud Audit Academy (CAA) for Federal and Department of Defense (DoD) Workloads (FDW) in AWS instructor-led training (ILT).
Each module includes interactive walkthroughs of the AWS Management Console, AWS services relevant to each of the modules, or NIST control families covered in the course. The walkthroughs are an optional exercise at the discretion of the instructor.
- Course level: Advanced
- Duration: 3 Hours
Activities
Interactive walkthroughs
Course objectives
In this course, you will learn how to:
- Prove security and compliance, such as providing evidence to auditors and regulators
- Validate security and compliance, such as assessing evidence in AWS environments
- Understand how to address security and control frameworks, originally designed for on-premises environments, with a cloud approach
- Practice security IT auditing techniques that are reshaped by the cloud, such as automated auditing
Intended audience
This course is intended for:
- Cloud Audit Academy (CAA) for Federal and Department of Defense (DoD) Workloads (FDW) in AWScourse participants
- Customers operating federal and DoD workloads in AWS, including auditors or assessors, regulators, compliance and security professionals, and anyone working towards NIST SP 800-171 compliance or compliance with related frameworks such as NIST SP 800-53 and the Cybersecurity Maturity Model Certification (CMMC)
Course outline
Module 1: Introduction to Federal and DoD Workloads in AWS
Module 2: Access Control (AC) and Identification and Authentication (IA)
Module 3: Audit and Accountability (AU) and Incident Response (IR)
Module 4: Risk Assessment (RA) and Security Assessment (CA)
Module 5: System and Communications Protection (SC)
Module 6: Configuration Management (CM) and Maintenance (MA)
Module 1 description
This module provides an interactive walkthrough of AWS Audit Manager as a relevant service to support U.S. Federal and DoD security and compliance requirements based on NIST SP 800-171, NIST SP 800-53, and CMMC.
Module 2 description
This module provides an interactive walkthrough of AWS services relevant to Access Control (AC) and Identification and Authentication (IA).
Module 3 description
This module provides an interactive walkthrough of AWS services relevant to Audit and Accountability (AU) and Incident Response (IR).
Module 4 description
This module provides an interactive walkthrough of AWS services relevant to Risk Assessment (RA) and Security Assessment (CA).
Module 5 description
This module provides an interactive walkthrough of AWS services relevant to System and Communications Protection (SC).
Module 6 description
This module provides an interactive walkthrough of AWS services relevant to Configuration Management (CM) and Maintenance (MA).