🔐 Cloud Security & Automation (AWS & GCP) – Job‑Ready Syllabus
Target audience
IT professionals with 1–8 years of experience
Cloud / DevOps / Infra / Security backgrounds
Duration
6 weeks (12 classes)
Hands‑on focused (not exam‑only)
MODULE 1: Cloud Security Foundations
· Why Cloud Security?
· Targeted Job Role
· Case Study of Hacked Server
· Threat Detection
· AWS GuardDuty
· Incident Response
· Shared Responsibility Model
· Common cloud breach patterns
· AWS Account Setup or Lab Access
· EC2 Instance Metadata (IMDSv1 vs IMDSv2)
· ✅ Labs:
MODULE 2: Cloud Network Security
· Bastion Host
· Secure VPC architecture
· Public vs private workload design
· Security Groups vs NACLs
· NAT Gateway
· Zero‑trust networking concepts
· Load Balancer
· Amazon CloudFront
· OSI Model
· Layer 4 vs Layer 7
· Amazon WAF
· Web ACLs
· ✅ Labs:
MODULE 3: Identity & Access Management
· AWS IAM deep dive
· Users vs Roles vs Services
· Trust policy vs permission policy
· Least‑privilege design
· IAM privilege escalation scenarios
· Cross‑account access patterns
· ✅ Labs:
MODULE 4: Data Protection & Secrets Security
· Encryption at rest & in transit
· KMS fundamentals
· Secrets Manager / Parameter Store
· Securing S3
· ✅ Labs:
MODULE 5: Security Logging, Monitoring & Detection
· Amazon Inspector
· AWS Security Hub
· CloudTrail (investigation‑centric)
· VPC Flow Logs basics
· Security monitoring mindset
· ✅ Labs:
MODULE 6: Terraform Fundamentals for Security Engineers
· Infrastructure‑as‑Code concepts
· Terraform workflow
· Remote state security
· Why IaC prevents security issues
· Variables, modules, reusable security patterns
· Common Terraform misconfigurations
· Preventing 0.0.0.0/0, wildcards, hard‑coded secrets
· Terraform setup on your own machine
· Labs
MODULE 7: System Security & Common Vulnerability Remediations
· Linux Basics
· Bash commands
· File Permission structure
· LVM & File System
· Common Linux Vulnerabilities
· Common Windows Vulnerabilities
· Labs
MODULE 8: GCP Foundations & Architectural Networking
· GCP Global VPC
· Network tag-based GCP firewall rules
· Cloud NAT
· Cloud Compute Instance
· Multi Instance Group (MIG)
· Fleet Management
· Labs
MODULE 9: GCP Resource Hierarchy & Cloud Identity Governance
· Resource Hierarchy (Organization, Folder, Projects)
· Policy Inheritance
· GCP IAM Role
· Service Accounts
· Cloud Logging & Monitoring
· Security Command Center (SCC)
· Labs
MODULE 10: GCP Data Protection
· GCP Cloud Storage security
· GCP Cloud KMS
· Cloud IAM
· Cloud Function
· Cloud Run security
· Google Cloud Armor
· Labs
MODULE 11: Container Security
· Docker basics
· Docker Hub & Dockerfile
· Kubernetes basics
· Kubernetes security basics
· DevSecOps concept
· CI/CD concept
· CI/CD pipeline scanning
· Container Scanning
· Container Vulnerability Mitigations
· Labs
MODULE 12: Multi-Cloud Attack Paths & Prisma Cloud Incident Response
· Cloud Security Posture Management (CSPM)
· Resource Query Language (RQL)
· Cross-Cloud Threat Hunting
· Multiple Prisma Cloud Alerts and their resolutions.
· Labs
· Sample Interview Questions
· Mock Interview / Resume building if required
