Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Amazon Web Services

Threat Hunting with AWS Network Firewall Deployment

Amazon Web Services and Amazon via AWS Skill Builder

Overview

In this lab, you use a combination of domain lists, rule groups, and monitoring to secure a VPC and locate a series of rogue EC2 instances.

Level

Intermediate

Duration

1 Hours 30 Minutes

Course Objectives

By the end of this lab, you will be able to do the following:

  • Configure stateful rule groups in AWS Network Firewall that follow Suricata-compatible intrusion prevention system (IPS) rule specifications.
  • Use a combination of managed and custom DNS domain lists to create a DNS Firewall that alerts administrators to suspicious queries.
  • Use Log Insights and Contributor Insights in Amazon CloudWatch to identify rogue EC2 instances.

Intended Audience

This course is intended for:

  • Security Engineers
  • Technical Security Analysts
  • Cloud Architects

Prerequisites

We recommend that attendees of this course have the following prerequisites:

Familiarity with routing and DNS are recommended. You should also be comfortable working with the Command Line Interface (CLI) in a Linux environment.

Course Outline

  • Task 1: Explore the network architecture
  • Task 2: Stateful firewall rules
  • Task 3: Route53 Resolver DNS Firewall
  • Task 4: Threat Hunting
  • Task 5: Quarantine

Reviews

Start your review of Threat Hunting with AWS Network Firewall Deployment

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.