Threat Hunting with AWS Network Firewall Deployment
Offered By: Amazon Web Services via AWS Skill Builder
Course Description
Overview
In this lab, you use a combination of domain lists, rule groups, and monitoring to secure a VPC and locate a series of rogue EC2 instances.
Level
Intermediate
Duration
1 Hours 30 MinutesCourse Objectives
By the end of this lab, you will be able to do the following:
- Configure stateful rule groups in AWS Network Firewall that follow Suricata-compatible intrusion prevention system (IPS) rule specifications.
- Use a combination of managed and custom DNS domain lists to create a DNS Firewall that alerts administrators to suspicious queries.
- Use Log Insights and Contributor Insights in Amazon CloudWatch to identify rogue EC2 instances.
Intended Audience
This course is intended for:
- Security Engineers
- Technical Security Analysts
- Cloud Architects
Prerequisites
We recommend that attendees of this course have the following prerequisites:
Familiarity with routing and DNS are recommended. You should also be comfortable working with the Command Line Interface (CLI) in a Linux environment.
Course Outline
- Task 1: Explore the network architecture
- Task 2: Stateful firewall rules
- Task 3: Route53 Resolver DNS Firewall
- Task 4: Threat Hunting
- Task 5: Quarantine
Tags
Related Courses
Noções básicas do AWS Network Firewall (Português) | AWS Network Firewall Fundamentals (Portuguese)Amazon Web Services via AWS Skill Builder AWS Network Firewall Fundamentals (Korean)
Amazon Web Services via AWS Skill Builder AWS Network Firewall Fundamentals (Japanese)
Amazon Web Services via AWS Skill Builder Conceptos básicos de AWS Network Firewall (Español LATAM) | AWS Network Firewall Fundamentals (LATAM Spanish)
Amazon Web Services via AWS Skill Builder AWS Network Firewall Fundamentals
Amazon Web Services via AWS Skill Builder