
Practical List


CHAROTAR UNIVERSITY OF SCIENCE AND TECHNOLOGY

CHANDUBHAI S PATEL INSTITUTE OF TECHNOLOGY


K.D. PATEL DEPARTMENT OF INFORMATION TECHNOLOGY
ACADEMIC YEAR: 2024-25

List of Experiments

Subject: Network Defense & Ethical Hacking (IT476) (7th Semester)

Sr. No. | Name of Experiment | Hours
1. In this lab, you will learn how to configure permissions by using AWS Identity and
Access Management (IAM) identity-based and resource-based policies, such as Amazon
Simple Storage Service (Amazon S3) bucket policies. You will also learn how IAM
policies and resource policies define access permissions. After completing this lab, you
should be able to do the following:
• Recognize how to use IAM identity-based policies and resource-based policies to define fine-grained access control to AWS services and resources.
• Describe how an IAM user can assume an IAM role to gain different access permissions to an AWS account.
• Explain how S3 bucket policies and IAM identity-based policies that are assigned to IAM users and roles affect what users can see or modify across different AWS services in the AWS Management Console.

Hours: 04

Reference: https://awsacademy.instructure.com/courses/85539
2. Security groups are virtual firewalls that are attached to Amazon Elastic Compute Cloud
(Amazon EC2) instances. Security group rules define what traffic is allowed in or out of
an instance. In this lab, you are tasked to configure access rules for EC2 instances. After
completing this lab, you should be able to do the following:
• Examine security groups to determine what traffic is allowed.
• Change which security groups are applied to EC2 instances.
• Create new security groups.
• Update the inbound rules on security groups to follow the principle of least privilege.
• Understand how security groups can reference other security groups.
• Configure a network access control list (ACL) to block traffic on a specific TCP port.
• Connect to an instance in a private subnet by using SSH.
• Connect to an instance in a private subnet by using AWS Systems Manager Session Manager.

Hours: 04

Reference: https://awsacademy.instructure.com/courses/85539
3. In this lab, you will use the AWS Key Management Service (AWS KMS) to encrypt data
at rest. You will create an AWS KMS key, use it to encrypt objects stored in Amazon
Simple Storage Service (Amazon S3), and use it to encrypt Amazon Elastic Block Store
(Amazon EBS) volumes. You will also see how AWS CloudTrail provides an audit log
of AWS KMS key usage and how disabling the key affects data access. After completing
this lab, you should be able to do the following:
• Create an AWS KMS customer managed key to encrypt and decrypt data at rest.
• Store an encrypted object in an S3 bucket by using an encryption key.
• Attempt public access and signed access to an encrypted S3 object.
• Monitor encryption key usage by using the CloudTrail event history.
• Encrypt the root volume of an existing Amazon Elastic Compute Cloud (Amazon EC2) instance.
• Disable and re-enable an AWS KMS key and observe the effects on data access.

Hours: 04

Reference: https://awsacademy.instructure.com/courses/85539
4. In this lab, you will configure logging and monitoring in an AWS account. You will
understand how to create an AWS CloudTrail trail, which will be an audit log of API
calls made in the account. You will then create an Amazon Simple Notification Service
(Amazon SNS) topic. By subscribing your email to the topic, you will be alerted when
particular events occur. Next, you will define an Amazon EventBridge rule. The rule will
notice any time that someone modifies a security group and will send you an email alert
about the incident. Finally, you will create an Amazon CloudWatch alarm to notice
whenever multiple failed login attempts occur for the AWS Management Console. After
completing this lab, you should be able to do the following:
• Analyze event details in the CloudTrail event history.
• Create a CloudTrail trail with CloudWatch logging enabled.
• Create an SNS topic and an email subscription to it.
• Configure an EventBridge rule to monitor changes to resources in an AWS account.
• Create CloudWatch metric filters and CloudWatch alarms.
• Query CloudTrail logs by using CloudWatch Logs Insights.

Hours: 04

Reference: https://awsacademy.instructure.com/courses/85539
5. In this lab, you will learn how to use the AWS Config service to monitor changes to
specific resources in your AWS account. You will discover how to use the service to
identify changes that could be a security concern, such as a user modifying an Amazon
Elastic Compute Cloud (Amazon EC2) security group. Furthermore, you will gain
practical experience by integrating AWS Config with AWS Lambda to automatically
remediate specific security incidents of concern. After completing this lab, you should be
able to do the following:
• Explain how to use AWS Identity and Access Management (IAM) roles to grant AWS services access to other AWS services.
• Enable AWS Config to monitor resources in an AWS account.
• Create and enable a custom AWS Config rule that uses a pre-created Lambda function.
• Test the behavior of an AWS Config rule to ensure it's working as intended.
• Analyze Amazon CloudWatch logs to audit when AWS Config rules are invoked.

Hours: 04

Reference: https://awsacademy.instructure.com/courses/85539
6. Demonstration of any security tool related to ethical hacking.
Hours: 04
Reference: https://www.kali.org/tools/

7. Demonstration of any security tool related to network defense.
Hours: 04
Reference: https://www.kali.org/tools/

8. Case study on Firewall/Intrusion Detection System/Intrusion Prevention System.
Hours: 02
Reference: https://www.kali.org/tools/

Faculty Name: Mr. Priteshkumar Prajapati
