Skip to main content

Overview of Amazon Web Services Security and Controls

Back to Course Schedule
Date(s): Jan 10, 2022 - Jan 11, 2022
Time: 8:00AM - 12:00PM
Registration Fee: $179.00
Cancellation Date: Jan 03, 2022
Location: Online

Course Description

Amazon Web Services (AWS) is a collection of cloud-based products that enables companies to offer online services.

These products range from computing, storage, networking, database, analytics, application services, management, and developer tools which constitute the backbone of today’s web-based processes.

AWS enables SAP, SharePoint, and Exchange to be accessible throughout the world via the Internet. Content-based systems including the education content application Blackboard used by many universities, streaming systems providing entertainment, news and advertising content, and shopping systems all rely on AWS and similar products. Security of these systems is of paramount importance.

This seminar provides you with an overview of the security and control considerations within AWS.

Potential CPE Credits: 8.0
Govt Hours: This class meets 8.0 hours of the 24-hour requirement for governmental CPE under Government Auditing Standards (yellow book), in most cases.
Technical Hours: This class meets 8.0 CPE credits of technical training in compliance with Texas Admin. Code Rule 523.102.

Instruction Type: Live
Experience Level:
Category: Auditing

Course Objectives

Upon completion of this course, participants will be able to:

• Fundamental cloud computing and AWS security concepts

• Access control and management features of AWS

• Data encryption methods to secure sensitive data

• The security and compliance benefits

• Services used to maintain governance of the control environments

• A general understanding of the AWS audit features


Introduction to AWS

• Cloud computing essentials

• AWS infrastructure

• AWS components


AWS Security Services

• Access Control

• Access Management

• Data Encryption

• Governance and Monitoring


AWS Auditing

Compliance and Assurance Programs


A basic understanding of cloud computing and IT security controls is required.


Leighton Johnson

Leighton is a Senior Fellow with CPE Interactive focusing on information security and IT audit. In addition to his training role at CPE Interactive, he is CTO of ISFMT, a company focusing on computer security, forensics consulting and certification training, and cybersecurity. He is also the founder and CEO of Chimera Security, a research and development company focusing on cryptography, mobile technology, and cloud computing to create better and more secure solutions for today’s advanced users and providers.

He has over 40 years’ experience in computer security, cybersecurity, software development, communications equipment operations and maintenance, incident response, and forensic investigations. He has taught numerous cybersecurity, anti-terrorism, forensics, and risk management courses both domestically and internationally.

He previously was the Regional CIO and Senior Security Engineer for a large directorate within Lockheed Martin Information Systems and Global Solutions Company.

He is members of the CSA CloudSIRT Working Group developing the model for collaboration among cloud providers, CERT organizations, responders and users; the CSA Security-as-of-Service working group, and other cloud related working groups. He is a contributing author to the “Encyclopedia of Information Assurance”, and authored “Computer Incident Response and Forensics Team Management”, and “Security Controls Evaluation, Testing, And Assessment Handbook”.

He holds certifications in CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), CIFI (Certified Information Forensics Investigator), CSSLP (Certified Secure Software Lifecycle Professional), CAP (Certified Authorization Professional), CRISC (Certified in Risk & Information Systems Control), CMAS (Certified Master Antiterrorism Specialist), FITSP-A (Federal IT Security Professional – Auditor), ATOL2 (DOD Anti-Terrorism Officer Level 2), CAS-CTR (Certified Antiterrorism Specialist – Cyber Terrorism Response) and MBCI (Certified Member Business Continuity Institute).

Additional Information

TAC Rule 523.142(g) requires the CPE Sponsor to monitor individual attendance and assign the correct number of CPE credits. Participants will be asked to document their time of arrival and departure in compliance with this Rule. Additionally, attendance will be monitored throughout the day and CPE certificates will reflect actual attendance of each participant.

To see answers to our Frequently Asked Questions, visit


Back to Course Schedule