• Online, Self-Paced

This course will examine how cryptography and PKI (public key infrastructure) provide data confidentiality and security in the cloud to ensure that only authorized parties can view sensitive information and be confident of its source. PKI is a hierarchy of digital security certificates that are issued and managed by CAs (certificate authorities). You will learn how to use both PKIs and private CAs and how Amazon's KMS (Key Management Service) facilitates the use of keys. You will learn how to create a KMS key and how to enable EBS (Elastic Block Store) volume encryption. This course examines how KMS supports FIPS (Federal Information Processing Standard) 140-2, and is compliant with HSMs (hardware security modules). Finally, you will learn how to deploy a private CA to issue PKI certificates, request a public certificate and use a DNS (data name source) validation, and use a certificate to enable an application load balancer HTTPS (hypertext transfer protocol service) listener. This course can be used in preparation for the AWS Certified Solutions Architect-Professional SAP-C01 certification exam.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.