Scenario: 1
A website is hosted in an Auto Scaling group of EC2 instances behind an
Application Load Balancer in
US West (N. California) region. There is a new requirement to place a
CloudFront distribution in front
of the load balancer to improve the site's latency and lower the load on
the
origin servers. The Security
Engineer must implement HTTPS communication from the client to
CloudFront
and then from
CloudFront to the load balancer. A custom domain name must be used for
your
distribution and the
SSL/TLS certificate should be generated from AWS Certificate Manager
(ACM).
How many certificates should be generated by the Engineer in this
scenario?
Scenario: 2
Welcome to Home Depot!. You have just joined the team and your first
task is to enhance security for the company
website. The site runs on Linux, PHP and Apache and uses an EC2 an
autoscaling group behind an Application Load Balancer
(ALB). After an initial architecture assessment you have found multiple
vulnerabilities and configuration issues. The
dev team is swamped and will not be able to remediate code level issues
for several weeks. Your mission in this workshop
round is to build an effective set of controls that mitigate common
attack vectors against web applications, and provide
you with the monitoring capabilities needed to react to emerging threats
when they occur.
Scenario: 1
A website is hosted in an Auto Scaling group of EC2 instances behind an
Application Load Balancer in
US West (N. California) region. There is a new requirement to place a
CloudFront distribution in front
of the load balancer to improve the site's latency and lower the load on the
origin servers. The Security
Engineer must implement HTTPS communication from the client to CloudFront
and then from
CloudFront to the load balancer. A custom domain name must be used for your
distribution and the
SSL/TLS certificate should be generated from AWS Certificate Manager (ACM).
How many certificates should be generated by the Engineer in this scenario?
Scenario: 2
We found out that anyone from the Internet can bypass CloudFront that we
have configured for security
and open the app skipping protection we have from the components at the
Edge. Meaning: the
Application Load Balancer can be an easier target for an attack and a weak
spot. Help us to fix that!
The LORD appeared to us in the past, saying: “I have loved you with an everlasting love; I have drawn you with unfailing kindness.(Jeremiah 31:3, NIV)
If you want to stay at the top of your career, you have to keep on learning. No one was created to depend on the other, no one was created to be a bagger, We were all created in the image of God and empowered by God to do greater things, We are all equip and bless with potentials, talent and gifts. Join us to make a different in our world
The LORD appeared to us in the past, saying: “I have loved you with an everlasting love; I have drawn you with unfailing kindness.(Jeremiah 31:3, NIV)
If you want to stay at the top of your career, you have to keep on learning. No one was created to depend on the other, no one was created to be a bagger, We were all created in the image of God and empowered by God to do greater things, We are all equip and bless with potentials, talent and gifts. Join us to make a different in our world
And so we know and rely on the love God has for us. God is love. Whoever lives in love lives in God, and God in them. ( 1John 4:16 NIV)
If you want to stay at the top of your career, you have to keep on learning. No one was created to depend on the other, no one was created to be a bagger, We were all created in the image of God and empowered by God to do greater things, We are all equip and bless with potentials, talent and gifts. Join us to make a different in our world