Security Engineering on AWS

Security Engineering on AWS

Course Duration
3 Days

Training Mode

Accredited By

Course Overview

This course demonstrates how to use AWS security services effectively to stay secure in the AWS Cloud. The course focuses on the security practises recommended by AWS for improving the security of your cloud data and systems. It emphasises the security features of AWS key services such as compute, storage, networking, and database. Students will also learn how to use AWS services and tools for automation, continuous monitoring and logging, and incident response. 

Corporate Benefits

Upskilling your employees in this certification offers several advantages, including: 

  • Increasing the level of security in the company to protect corporate data from unauthorised access, theft, or loss 
  • Improving the company’s compliance with industry regulations that are required for many businesses, as well as increasing customer trust 
  • Lowering the company’s operational risk of downtime and the costs associated with it 
  • Improving the operational efficiency of an organisation by streamlining and minimising security processes in order to resolve security issues 
  • Increasing the company’s competitive advantage by demonstrating a commitment to security 

Course ratings

Nabilah Sazali
Cybersecurity Analyst
Read More
"We recently enrolled our security team in the Security Engineering on AWS course, and it has been a game-changer for our organization. The course provided our team with the knowledge and skills needed to build and maintain secure, compliant AWS environments."
Ganesan Balakrishnan
Information Security Officer
Read More
"Our team was tasked with migrating our organization's applications to AWS. The Security Engineering on AWS course helped us understand best practices for securing our infrastructure and applications, and gave us the confidence to make the migration successfully.”
Low Pei Yee
Security Consultant
Read More
"The Security Engineering on AWS course is an absolute must for anyone responsible for securing their organization's AWS environment. The course covers a wide range of security topics and provides practical advice for implementing security best practices in the cloud."
Mohd Farhan Mohd Hisham
Cybersecurity Engineer
Read More
"The Security Engineering on AWS course exceeded our expectations. This course has helped us improve our security posture in AWS, and we plan to enroll our entire team in the course in the future."

Why Choose Us ?

  • Reputable training facility with over 20 years of experience.
  • Experienced and knowledgeable instructors
  • High-quality, relevant, and up-to-date training materials
  • Convenient training that fits your hectic schedule
  • Good value for money that is worth the investment

Course Objectives

  • Identify security benefits and responsibilities of using the AWS Cloud 
  • Build secure application infrastructures 
  • Protect applications and data from common security threats 
  • Perform and automate security checks 
  • Configure authentication and permissions for applications and resources 
  • Monitor AWS resources and respond to incidents 
  • Capture and process logs 
Show more

Who Should Get Certified

  • Security Engineers  
  • Security Architects 
  • Information Security Professionals
Show more


  • Have working knowledge of IT security practises and infrastructure concepts 
  • Familiarity with cloud computing concepts 
  • Have completed AWS Security Essentials and Architecting on AWS instructor-led courses
Show more

Course Curriculum

Module 1: Security Overview and Review 

  • Explain Security in the AWS Cloud 
  • Explain AWS Shared Responsibility Model 
  • Summarize IAM, Data Protection, and Threat Detection and Response 
  • State the different ways to interact with AWS using the console, CLI, and SDKs 
  • Describe how to use MFA for extra protection 
  • State how to protect the root user account and access keys 


Module 2: Securing Entry Points on AWS 

  • Describe how to use multi-factor authentication (MFA) for extra protection 
  • Describe how to protect the root user account and access keys 
  • Describe IAM policies, roles, policy components, and permission boundaries 
  • Explain how API requests can be logged and viewed using AWS CloudTrail and how to view and analyze access history 
  • Hands-On Lab: Using Identity and Resource Based Policies 


Module 3: Account Management and Provisioning on AWS 

  • Explain how to manage multiple AWS accounts using AWS Organizations and AWS Control Tower 
  • Explain how to implement multi-account environments with AWS Control Tower 
  • Demonstrate the ability to use identity providers and brokers to acquire access to AWS services 
  • Explain the use of AWS IAM Identity Center (successor to AWS Single Sign-On) and AWS Directory Service 
  • Demonstrate the ability to manage domain user access with Directory Service and IAM Identity Center 
  • Hands-On Lab: Managing Domain User Access with AWS Directory Service 


Module 4: Secrets Management on AWS 

  • Describe and list the features of AWS KMS, CloudHSM, AWS Certificate Manager (ACM), and AWS Secrets Manager 
  • Demonstrate how to create a multi-Region AWS KMS key 
  • Demonstrate how to encrypt a Secrets Manager secret with an AWS KMS key 
  • Demonstrate how to use an encrypted secret to connect to an Amazon Relational Database 
  • Service (Amazon RDS) database in multiple AWS Regions 
  • Hands-on lab: Lab 3: Using AWS KMS to Encrypt Secrets in Secrets Manager 


Module 5: Data Security 

  • Monitor data for sensitive information with Amazon Macie 
  • Describe how to protect data at rest through encryption and access controls 
  • Identify AWS services used to replicate data for protection 
  • Determine how to protect data after it has been archived 
  • Hands-on lab: Lab 4: Data Security in Amazon S3 


Module 6: Infrastructure Edge Protection 

  • Describe the AWS features used to build secure infrastructure 
  • Describe the AWS services used to create resiliency during an attack 
  • Identify the AWS services used to protect workloads from external threats 
  • Compare the features of AWS Shield and AWS Shield Advanced 
  • Explain how centralized deployment for AWS Firewall Manager can enhance security 
  • Hands-on lab: Lab 5: Using AWS WAF to Mitigate Malicious Traffic 


Module 7: Monitoring and Collecting Logs on AWS   

  • Identify the value of generating and collecting logs 
  • Use Amazon Virtual Private Cloud (Amazon VPC) Flow Logs to monitor for security events 
  • Explain how to monitor for baseline deviations 
  • Describe Amazon EventBridge events 
  • Describe Amazon CloudWatch metrics and alarms 
  • List log analysis options and available techniques 
  • Identify use cases for using virtual private cloud (VPC) Traffic Mirroring 
  • Hands-on lab: Lab 6: Monitoring for and Responding to Security Incidents 


Module 8: Responding to Threats 

  • Classify incident types in incident response 
  • Understand incident response workflows 
  • Discover sources of information for incident response using AWS services 
  • Understand how to prepare for incidents 
  • Detect threats using AWS services 
  • Analyze and respond to security findings 
  • Hands-on lab: Lab 7: Incident Response
Show more

Claim with HRD-Corp

We are an authorized training provider of HRD Corp (Human Resources Development Corporation). Our certification training programs are eligible for funding under SBL-Khas Scheme. 

HRD Corp provides training and upskilling opportunities for Malaysian employees who are: 

  • Malaysian citizens or permanent residents
  • Employed in a company that contributes to HRD Corp (employer with 10 or more Malaysian employees, or employers from specific sectors)
  • Registered with the HRD Corp portal and have an activated account
  • Have not attended the same training program within the last 12 months
  • Meet the specific requirements for the training program, such as qualifications, skills, or job-specific criteria

Invest in your employees’ professional growth and development by claiming your training with HRD-Corp today! 

Upcoming Training Date

10 - 12 April 2023

8 - 10 May 2023

6 - 8 June 2023

10 - 12 July 2023

7 - 11 August 2023

4 - 8 September 2023

2 - 6 October 2023

6 - 10 November 2023

4 - 8 December 2023


Training 6 or more people?