This lab leads you through the steps to perform basic audits of core AWS resources. You will use the AWS Management Console to understand how to audit the use of multiple AWS services: Amazon EC2, Amazon VPC, Amazon IAM, Amazon Security Groups, AWS CloudTrail and AWS CloudWatch. This lab will help you understand how you can extend your existing auditing objectives related to organizational Governance, Asset Configuration, Logical Access Controls, Operating Systems, Databases and Applications security configurations within AWS. The skills learned will help provide visibility, testability and automated audit evidence gathering capabilities.
Level
Fundamental
Duration
1 Hour 0 Minutes
Course Objectives
In this course, you will learn how to:
- Review user permissions in AWS IAM
- Capture audit evidence using AWS IAM Policy Simulator
- Review Inbound and Outbound networking rules for Amazon EC2 Security Groups
- Review Amazon VPC configurations, subnets, and Network ACLs
- Review Amazon CloudWatch performance metrics
- Review raw Amazon CloudTrail logs within Amazon S3
Intended Audience
This course is intended for:
- Architects
- Security Engineers
Prerequisites
We recommend that attendees of this course have the following prerequisites:
- Familiarity with basic AWS services
Course Outline
Task 1: Audit User Permissions in IAM
Task 2: Review Security Configuration of Amazon EC2 Instances
Task 3: Review Amazon VPC Security Configurations
Task 4: Audit CloudWatch Metrics and Alarms
Task 5: Audit CloudTrail Logs