Course Information
Overview of Amazon Web Services Security and Controls
Course Description
Amazon Web Services (AWS) is a collection of cloud-based products that enables companies to offer online services.
These products range from computing, storage, networking, database, analytics, application services, management, and developer tools which constitute the backbone of today’s web-based processes.
AWS enables SAP, SharePoint, and Exchange to be accessible throughout the world via the Internet. Content-based systems including the education content application Blackboard used by many universities, streaming systems providing entertainment, news and advertising content, and shopping systems all rely on AWS and similar products. Security of these systems is of paramount importance.
This seminar provides you with an overview of the security and control considerations within AWS.
Course Objectives
Upon completion of this course, participants will be able to:
• Fundamental cloud computing and AWS security concepts
• Access control and management features of AWS
• Data encryption methods to secure sensitive data
• The security and compliance benefits
• Services used to maintain governance of the control environments
• A general understanding of the AWS audit features
Introduction to AWS
• Cloud computing essentials
• AWS infrastructure
• AWS components
AWS Security Services
• Access Control
• Access Management
• Data Encryption
• Governance and Monitoring
AWS Auditing
Compliance and Assurance Programs
Prerequisites
A basic understanding of cloud computing and IT security controls is required.
Instructors
Leighton is a Senior Fellow with CPE Interactive focusing on information security and IT audit. In addition to his training role at CPE Interactive, he is CTO of ISFMT, a company focusing on computer security, forensics consulting and certification training, and cybersecurity. He is also the founder and CEO of Chimera Security, a research and development company focusing on cryptography, mobile technology, and cloud computing to create better and more secure solutions for today’s advanced users and providers.
He has over 40 years’ experience in computer security, cybersecurity, software development, communications equipment operations and maintenance, incident response, and forensic investigations. He has taught numerous cybersecurity, anti-terrorism, forensics, and risk management courses both domestically and internationally.
He previously was the Regional CIO and Senior Security Engineer for a large directorate within Lockheed Martin Information Systems and Global Solutions Company.
He is members of the CSA CloudSIRT Working Group developing the model for collaboration among cloud providers, CERT organizations, responders and users; the CSA Security-as-of-Service working group, and other cloud related working groups. He is a contributing author to the “Encyclopedia of Information Assurance”, and authored “Computer Incident Response and Forensics Team Management”, and “Security Controls Evaluation, Testing, And Assessment Handbook”.
He holds certifications in CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), CIFI (Certified Information Forensics Investigator), CSSLP (Certified Secure Software Lifecycle Professional), CAP (Certified Authorization Professional), CRISC (Certified in Risk & Information Systems Control), CMAS (Certified Master Antiterrorism Specialist), FITSP-A (Federal IT Security Professional – Auditor), ATOL2 (DOD Anti-Terrorism Officer Level 2), CAS-CTR (Certified Antiterrorism Specialist – Cyber Terrorism Response) and MBCI (Certified Member Business Continuity Institute).
Additional Information
TAC Rule 523.142(g) requires the CPE Sponsor to monitor individual attendance and assign the correct number of CPE credits. Participants will be asked to document their time of arrival and departure in compliance with this Rule. Additionally, attendance will be monitored throughout the day and CPE certificates will reflect actual attendance of each participant.
To see answers to our Frequently Asked Questions, visit http://www.sao.texas.gov/training/faq.html.