Courses Offer
Grab the Learning Bonanza with up to 50% OFF on Combo Courses + Buy 1 Get 4* FREE on All Courses*
Grab the Learning Bonanza with up to 50% OFF on Combo Courses + Buy 1 Get 4* FREE on All Courses*
D H M S

AWS Combo (Architect Associate + Security Speciality) Training Course

The AWS combo course (Architect Associate + Security Speciality) from InfosecTrain is a comprehensive training course that combines the Architect Associate and Security Specialty certifications training. This intensive program is designed to equip participants with the essential knowledge and skills required to excel in both areas of expertise within the Amazon Web Services (AWS) ecosystem.

60 hrs

Live Sessions

YOUR LEARNING PATH

  • Course 1
    AWS Architect – Associate (SAA-C03)
  • Course 2
    AWS Security – Specialty (SCS-C02)
  • Master's Certificate
    You will get certificate by Infosectrain

Course Benefits

AWS Combo

Course Highlights

  • 60 Hrs of Instructor-led Training
  • 4 Hrs/Day in Weekend/Weekday
  • Certified Trainer
  • Post Training Support

Accredited By

TRAINING CALENDAR

InfosecTrain Learning Bonanza Offer Buy 1 Get 4*

Register for any Course and get 4 eLearning (Worth USD 199 Self-paced Learning) Courses 100% free. Don't miss this offer Enroll Now

  • Cyber Security Engineer Masterclass
  • Cyber Security Fundamentals (JCP)
  • Introduction of Data Privacy
  • Red Team Ethical Hacking Masterclass

*All 4 free courses are eLearning modules, providing self-paced learning through instructional videos. Offer valid till March 31st, 2024.

Course Description

OVERVIEW

This program has been specifically developed to provide you with a comprehensive knowledge of the AWS Security Architecture. It aims to empower you with the skills necessary to design, deploy, and manage security infrastructure on the AWS Cloud Platform. Starting from the basics of cloud computing, the program covers the essential AWS services architecture, particularly AWS Security. By participating in this program, you will gain the expertise needed to build and secure your organization’s AWS infrastructure. The content is presented in a straightforward and professional manner, ensuring a clear understanding of the concepts and principles involved.

Why AWS Combo Training Course with InfosecTrain?

InfosecTrain is a leading IT security training and consulting organization offering best-in-class yet cost-effective customized training programs to enterprises and individuals across the globe. We offer role-specific certification training programs and prepare professionals for the future. Our AWS Combo training is designed to equip you with comprehensive knowledge of the entire AWS design and security architecture.

Here’s what you get when you choose InfosecTrain as your learning partner:

  • Flexible Schedule: Training sessions to match your schedule and accommodate your needs.
  • Post Training Support with No Expiry Date: Ongoing assistance and support until the learners achieve their certification goals.
  • Recorded Sessions: Access to LMS and recorded sessions for post-training reference.
  • Customized Training: A training program that caters to your specific learning needs.
  • Knowledge Sharing Community: Collaborative group discussions to facilitate knowledge sharing and learning.
  • Certificate: Each candidate receives a certificate of participation as a testament to their accomplishment.
  • Expert Career Guidance: Free Career Guidance and support from industry experts.

Target Audience

  • Candidates with an understanding of IT security and Cybersecurity concepts.
  • Professionals working as Solution Architects.
  • Those who are working in cloud computing and security domains.
  • Those who want to build their career in AWS Security Architecting
  • Anyone interested in gaining the AWS Security Specialty Certification.
  • Anyone wishing to enhance deep security knowledge related to AWS.

Pre-requisites

  • Knowledge of IT/Cyber Security concepts
  • 3+ years of IT experience in job roles related to System Administration, Security, Network Administrators, Operations/DevOps Engineers, etc.
  • Basic understanding of Virtualization fundamentals and Virtualization concepts
  • 1+ years of experience in IT security domains
  • Basic understanding of networking and OS concepts

Exam Information

Since this is a combo course, there will be two different exams for AWS Certified Solutions Architect- Associate and AWS Certified Security – Specialty.

Certification Name AWS Certified Solutions Architect- Associate (SAA-C03) AWS Certified Security – Specialty (SCS-C02)
Exam Format Multiple Choice, Multiple Response Multiple Choice, Multiple Response
Number of Questions 65 65
Exam Duration 130 minutes 170 minutes
Passing Score 720/1000 750/1000
Language English, French, German, Italian, Japanese, Korean, Portuguese, and Simplified Chinese English, French, German, Italian, Japanese, Korean, Portuguese, Simplified Chinese, and Spanish.

 

Learning path

  • Course 1
    AWS Architect – Associate (SAA-C03)
  • Course 2
    AWS Security – Specialty (SCS-C02)
  • Master's Certificate
    You will get certificate by Infosectrain

GET A FREE DEMO CLASS

For
Captcha*
1 + 21 =
loader-infosectrain

Course Objectives

You will be able to:

  • Understand the security controls for AWS environments and workloads.
  • Understand security logging and monitoring capabilities.
  • Able to design and implement Identity and Access Management architecture.
  • Learn Encryption and Key Management for DAR and DIT.
  • Manage Data retention and lifecycle management.
  • Multi-account governance and organizational compliance.
  • Threat detection and Incident response strategies.
  • Vulnerability Management and Security Automation.
  • Demonstrate your skills and working experience on AWS services.
  • Learn the authentication of technical expertise to design, deploy and operate AWS applications.

Course Content

AWS Certified Solutions Architect – Associate (SAA-C03)
Cloud Computing Fundamentals

  • Cloud Computing Concepts
  • Service and Deployment models
  • Shared Responsibility Model
  • Virtualization Concepts
  • Architecture and Security Concepts

Compute

  • AWS EC2
  • Amazon Lightsail
  • AWS Elastic Beanstalk
    • AWS App

Serverless

  • AWS Lambda

Storage

  • AWS Backup
  • Amazon Elastic Block Store (Amazon EBS)
  • Amazon Elastic File System (Amazon EFS)
  • Amazon FSx
  • Amazon S3
  • Amazon S3 Glacier

Database

  • Amazon RDS
  • Amazon Elasticache
    • AWS DynamoDB

Container Services

  • Amazon Elastic Container Service (ECS)
  • AWS Elastic Kubernetes Service (EKS)
    • Amazon Elastic Container Registry (ECR)

Networking and Content Delivery

  • Amazon CloudFront
  • Elastic Load Balancing (ELB)
  • AWS Global Accelerator
  • Amazon Route 53
  • Amazon VPC
  • Other Networking and Content Delivery Overview
    • AWS VPN
    • AWS Transit Gateway
    • AWS Private Link
    • AWS Direct Connect

Security, Identity, and Compliance

  • AWS Artifact
  • AWS Audit Manager
  • AWS Certificate Manager (ACM)
  • AWS CloudHSM
  • Amazon Cognito
  • Amazon Detective
  • AWS Directory Service
  • AWS Firewall Manager
  • Amazon GuardDuty
  • AWS Identity and Access Management (IAM)
  • Amazon Inspector
  • AWS Key Management Service (AWS KMS)
  • Amazon Macie
  • AWS Network Firewall
  • AWS Resource Access Manager (AWS RAM)
  • AWS Secrets Manager
  • AWS Security Hub
  • AWS Shield
  • AWS WAF
    • IAM Identity Center

AWS Cost Management

  • AWS Budgets
  • AWS Cost and Usage Report
  • AWS Cost Explorer
  • Savings Plans

Analytics

  • Amazon Athena
    • Amazon Kinesis

Application Integration

  • Amazon EventBridge (Amazon CloudWatch Events)
    • Amazon Simple Notification Service (Amazon SNS)

Management and Governance

  • AWS CloudFormation
  • AWS CloudTrail
  • Amazon CloudWatch
  • AWS Command Line Interface (AWS CLI)
  • AWS Config
  • AWS Management Console
  • AWS Organizations
  • AWS Systems Manager
  • AWS Trusted Advisor
  • Other Management and Governance Services for review
    • AWS Control Tower
    • AWS License Manager

AWS Certified Security – Specialty (SCS-C02)

Domain 1: Threat Detection and Incident Response

Design and implement an incident response plan

  • Incident Response Strategy
  • Roles and responsibilities in IR plan specific to cloud incidents.
  • Use case 1: Credentials compromise.
  • Use case 2: Compromised EC2 Instances
  • Playbooks and Runbooks for IR
  • AWS Specific services helpful in Incident Response
  • Third-party integration concepts
  • Centralize security finding with security hub

Detect security threats and anomalies by using AWS services

  • Threat detection services specific to AWS
  • Visualizing and Detecting anomalies and correlation techniques
  • Evaluate finding from security services
  • Performing queries for validating security events
  • Create metrics filters and dashboards to detect Anomalous activity

Respond to compromised resources and workloads

  • AWS Security IR Guide
  • Automating remediation by using AWS services
  • Compromised resource management.
  • Investigating and analyzing to conduct Root cause and log analysis.
  • Capturing relevant forensics data from a compromised resource
  • Protecting and preserving forensic artifacts
  • Post-incident recovery

Domain 2: Security Logging and Monitoring

  • Design and Implement monitoring and alerting to address security events
  • Key AWS services for monitoring and alerting
  • Monitoring metrics and baselines
  • Analyzing environments and workloads to determine monitoring requirements according to business and security requirements
  • Setting up tools and scripts to perform regular audits

Troubleshoot security monitoring and alerting

  • Configuring monitoring services and collecting event data
  • Application monitoring, alerting, and visibility challenges

Design and implement a logging solution

  • Key logging services and attributes
  • Log destinations, Ingestion points, and lifecycle management
  • Logging specific to services and applications

Troubleshoot logging solutions

  • AWS services that provide data sources and logging capabilities
  • Access permissions that are necessary for logging
  • Identifying misconfigurations and remediations specific to logging
  • Reasons for missing logs and performing remediation steps

Design a log analysis solution

  • Services and tools to analyze captured logs
  • Identifying patterns in logs to indicate anomalies and known threats
  • Log analysis features for AWS services
  • Log format and components
  • Normalizing, parsing, and correlating logs

Domain 3: Infrastructure Security
Design and implement security controls for edge services

  • Define edge security strategies and security features
  • Select proper edge services based on anticipated threats and attacks and define proper protection mechanisms based on that
  • Define layered Defense (Defense in Depth) mechanisms
  • Applying restrictions based on different criteria
  • Enable logging and monitoring across edge services to indicate attacks

Design and implement network security controls

  • VPC security mechanisms, including Security Groups, NACLs, and Network firewall
  • Traffic Mirroring and VPC Flow Logs
  • VPC Security mechanisms and implement network segmentation based on security requirements
  • Network traffic management and segmentation
  • Inter-VPC connectivity, Traffic isolation, and VPN concepts and; deployment
  • Peering and Transit Gateway
  • AWS Point to Site and Site to Site VPN, Direct Connect
  • Continuous optimization by identifying and removing unnecessary network access

Design and implement security controls for compute workloads

  • Provisioning and maintenance of EC2 instances
  • Create hardened images and backups
  • Applying instance and service roles for defining permissions
  • Host-based security mechanisms
  • Vulnerability assessment using AWS Inspector
  • Passing secrets and credentials security to computing workloads

Troubleshoot network security
Identifying, interpreting, and prioritizing network connectivity and analyzing reachability
Analyze log sources to identify problems
Network traffic sampling using traffic mirroring

Domain 4: Identity and Access Management
Design, implement, and troubleshoot authentication for AWS resources

  • Identity and Access Management
  • Establish identity through an authentication system based on requirements.
  • Managed Identities, Identity federation
  • AWS Identity center, IAM, and Cognito
  • MFA, Conditional access, STS
  • Troubleshoot authentication issues

Design, implement, and troubleshoot authorization for AWS resources

  • IAM policies and types
  • Policy structure and troubleshooting
  • Troubleshoot authorization issues
  • ABAC and RBAC strategies
  • Principle of least privilege and Separation of duties
  • Investigate unintended permissions, authorization, or privileges

Domain 5: Data Protection
Design and implement controls that provide confidentiality and integrity for data in transit

  • Design secure connectivity between AWS and on-premises networks
  • Design mechanisms to require encryption when connecting to resources.
  • Requiring DIT encryption for AWS API calls.
  • Design mechanisms to forward traffic over secure connections.
  • Designing cross-region networking

Design and implement controls that provide confidentiality and integrity for data at rest

  • Encryption and integrity concepts
  • Resource policies
  • Configure services to activate encryption for data at rest and to protect data integrity by preventing modifications.
  • Cloud HSM and KMS

Design and implement controls to manage the data lifecycle at rest

  • Lifecycle policies and configurations
  • Automated life cycle management
  • Establishing schedules and retention for AWS backup across AWS services.

Design and implement controls to protect credentials, secrets, and cryptographic key materials

  • Designing management and rotation of secrets for workloads using a secret manager
  • Designing KMS key policies to limit key usage to authorized users.
  • Establishing mechanisms to import and remove customer-provider key material.

Domain 6: Management and Security Governance

Design a strategy to centrally deploy and manage AWS accounts

  • Multi-account strategies using AWS organization and Control tower
  • SCPs and Policy multi-account policy enforcement
  • Centralized management of security services and aggregation of findings
  • Securing root account access

Implement a secure and consistent deployment strategy for cloud resources

  • Deployment best practices with Infrastructure as a code
  • Tagging and metadata
  • Configure and deploy portfolios of approved AWS services.
  • Securely sharing resources across AWS accounts
  • Visibility and control over AWS infrastructure

Evaluate compliance of AWS resources

  • Data classification by using AWS services
  • Define config rules for detection of non-compliant AWS resources.
  • Collecting and organizing evidence by using Security Hub and AWS audit manager

Identify security gaps through architectural reviews and cost analysis

  • AWS cost and usage anomaly identification
  • Strategies to reduce attack surfaces
  • AWS well-architected framework to identify security gaps

Need customized curriculum? Talk to Advisor

Course Advisor

Choose Your Preferred Learning Mode

1-TO-1 TRAINING

Customized schedule
Learn at your dedicated hour
Instant clarification of doubt
Guaranteed to run

Get Started

ONLINE TRAINING

Flexibility, Convenience & Time Saving
More Effective
Learning Cost Savings

Classes starting from

5th Sep: Weekend

15th Sep: Weekday

ENROLL NOW Preferred

CORPORATE TRAINING

Anytime, Anywhere – Across The Globe
Hire A Trainer
At Your Own Pace
Customized Corporate Training

Contact US For Business

Looking for a customized training?

REQUEST A BATCH

Get Ahead with InfosecTrains Master Certificate

  • Earn your Certificate
    Our course is exhaustive and this certificate is proof that you have taken a big leap in mastering the domain.
  • Differentiate yourself with Masters Certificate
    The knowledge and course skills you've gained working on projects, simulations, case studies will set you ahead of the competition.
  • Share your achievement
    Talk about your Certificate on LinkedIn, Twitter, Facebook, boost your resume, or frame it - tell your friends and colleagues about it.

Here's What people are saying about InfosecTrain

Benefits You Will Access Why Infosec Train

Student-infosectrain Certified & Experienced Instructors
24x71-infosectrain Post Training Support
tailor-infosectrain Customized Training
flexible-infosectrain Flexible Schedule
video1-infosectrain Access to Recorded Sessions

FAQs

1. What are the prerequisites for the AWS Combo training course?

The prerequisites for the AWS Combo training course typically include:

  • Knowledge of IT/Cyber Security Concepts
  • More than a year of experience in IT security domains, preferably in job roles related to System Administration, Security, Network Administrators, Operations/DevOps Engineers, etc.
  • Basic understanding of Virtualization fundamentals and Virtualization concepts
  • Basic understanding of networking and OS concepts
2. How long does the training course typically last?
The AWS Combo training course is structured to be completed within a duration of approximately 60 hours.
3. Will I receive any certification upon completing the AWS Combo training course?
Yes, upon completing the AWS Combo training course and clearing the certification exam, participants will receive certifications for both the Architect Associate and Security Specialty modules.
4. What are the key topics covered in the Architect Associate module?

Following are the topics covered in the Architect Associate module:

  • Domain 1: Design Secure Architectures – 30%
  • Domain 2: Design Resilient Architectures – 26%
  • Domain 3: Design High-Performing Architectures – 24%
  • Domain 4: Design Cost-Optimized Architectures – 20%
5. What are the key topics covered in the Security Specialty module?

Following are the topics covered in the Security Specialty module:

  • Domain 1: Threat Detection and Incident Response – 14%
  • Domain 2: Security Logging and Monitoring – 18%
  • Domain 3: Infrastructure Security – 20%
  • Domain 4: Identity and Access Management – 16%
  • Domain 5: Data Protection – 18%
  • Daomin 6: Management and Security Governance – 14%
6. Are there any hands-on exercises or labs included in the training course?

Yes, along with the right kind of theoretical knowledge to achieve the certification, you will also receive hands-on experience working with cloud computing during this AWS combo training.

7. How does this training course prepare participants for the AWS Architect Associate and Security Specialty exams?

Here’s how the training course prepares participants for the exams:

  • Comprehensive Coverage
  • Expert instructors
  • Hands-on labs and exercises
  • Practice exams and mock assessments
  • Exam strategies and tips

Latest Blog Posts

TOP
whatsapp