Scribd
Upload
5 views

aws1

The AWS Security Fundamentals course, led by Enderson DeOliveira, emphasizes the importance of security in cloud environments and introduces various AWS services that enhance controllability, audibility, and visibility of cloud resources. Participants will learn about security benefits, access control, data protection, and monitoring services, along with design principles for strengthening security. The course also covers the AWS Shared Responsibility Model, outlining the division of security responsibilities between AWS and its customers.

Uploaded by

magifa9476
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
5 views

aws1

The AWS Security Fundamentals course, led by Enderson DeOliveira, emphasizes the importance of security in cloud environments and introduces various AWS services that enhance controllability, audibility, and visibility of cloud resources. Participants will learn about security benefits, access control, data protection, and monitoring services, along with design principles for strengthening security. The course also covers the AWS Shared Responsibility Model, outlining the division of security responsibilities between AWS and its customers.

Uploaded by

magifa9476
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

Welcome to AWS Security Fundamentals.

I’m Enderson DeOliveira with AWS Training and


Certification.

Security is a top priority on anyone’s list. Here at AWS, we offer several


different services and tools
that provide you with controllability, audibility, and visibility into your cloud
resources and workloads.
We also offer agility and automation via our services, which are crucial for a good
incident response plan.

For example, AWS Config can help keep track of your AWS resources, granting you
visibility into
your inventory and your user and application activity. There’s also AWS CloudTrail,
which can help you answer questions such as, “What actions did a specific user take
over a given period of time,”
and “Which resource was affected by that action and from which IP address.” In a
traditional environment,
it would normally be very difficult to have this level of detail for all executed
actions.

Now, these are just two of the services that I will be introducing to you in this
course.

And by the end of the course, you should have a basic understanding of what these
services are and what they do,
so that you can start a conversion around security and compliance at your place of
work or with someone here at AWS.

Learning Objectives
By the end of this course, you will learn how to:

1.Identify security benefits and responsibilities when using the AWS Cloud.

2.Describe the access control and management features of AWS.

3.Identify the different data protection services to secure sensitive data.

4.Describe how network access to your AWS resources can be secured.

5.Determine the AWS services used for security logging and monitoring.

Design Principles

In the cloud, there are a number of principles that can help you strengthen your
security.
Use the principles described below to help guide your conversation around security
and compliance.
Expand each of the seven principles below for more information.
1) Implement a strong identity foundation
Implement the principle of least privilege and enforce separation of duties with
appropriate authorization
for each interaction with your AWS resources.

2) Enable traceability
Monitor, alert, and audit actions and changes to your environment in real time.
Integrate logs and metrics
with systems to automatically respond and take action.

3) Apply security at all layers


Rather than just focusing on protection of a single outer layer, apply a defense-
in-depth approach with other security controls.

4) Automate security best practices


Automated software-based security mechanisms improve your ability to securely scale
more rapidly and cost effectively.
Implement controls that are defined and managed as code in version-controlled
templates.

5) Protect data in transit and at rest


Classify your data into sensitivity levels and where appropriate, use mechanisms
like encryption and access control.

6) Enforce the principle of least privilege


Access to data should only be granted to the people who really need that access.
Start with denying access to everything and grant access as needed.

7) Prepare for security events


Prepare for an incident by having an incident management process that aligns to
your organizational requirements.
Run incident response simulations and use tools with automation to increase your
speed for detection, investigation, and recovery.

AWS Shared Responsibility Model

AWS is responsible for protecting the global infrastructure that runs all of the
services offered in the AWS Cloud. This infrastructure comprises the hardware,
software, networking, and facilities that run AWS services.

As an AWS customer, you are responsible for securing your data, operating systems,
networks, platforms, and other resources that you create in the AWS Cloud. You are
responsible for protecting the confidentiality, integrity, and availability of your
data and for meeting any specific business and/or compliance requirements for your
workloads.

In this course, we will look at how AWS deals with security OF the cloud, and how
you can take care of security IN the cloud.

You might also like