|| 5 days
||9.00am - 5.00pm
Click here to contact us
This course is delivered by SANS Institute.
SEC541 is a cloud security course that investigates how attackers are operating against Amazon Web Services (AWS) and Microsoft Azure environments, the attacker's characteristics, and how to detect and investigate suspicious activity in your cloud infrastructure. You will learn how to spot the malice and investigate suspicious activity in your cloud infrastructure. In order to protect against cloud environment attacks, an organization must know which types of attacks are most likely to happen in your environment, be able to capture the correct data in a timely manner, and be able to analyze that data within the context of their cloud environment and overall business objectives.
Anyone who performs monitoring, threat detection, incident response, or is responsible for logging in a cloud environment, including:
• Security Analysts
• Security Engineer
• Security Architects
• Vulnerability Assessor
• Incident Responders
NICE Framework Job Roles
• Cyber Defense Analyst: PR-CDA-001
• Cyber Defense Infrastructure Support Specialist: PR-INF-001
• Cyber Defense Incident Responder: PR-CIR-0001
• Adversary Emulation Specialist / Red Teamer: PR-VAM-001
• Threat/Warning Analyst: AN-TWA-001
Students should be familiar with AWS or Azure and have worked with them hands-on, especially security professionals working in the cloud security field who understand basic threats and attack vectors.
The course assumes that students can understand or do the following without help:
- Understand basic cloud resources such as virtual machines, storage services, and Identity Access Management
- Hands-on experience in the command line, as much of the labs will be leveraging a Linux command line console.
- Understand how identity access roles/policies work in cloud environments
- Understand basic cloud networking capabilities