Course Syllabus
Semester: Spring 2021
Class: CIS 195 Security in the Cloud – Online
Class Numbers: 24308/24309
Class Description and Overview
This course explores AWS (Amazon Web Services) security at both the AWS services layer and Amazon data center infrastructure layer. This course will review how Amazon Web Services implements security measures in their global data center infrastructure. Student will learn about the AWS security shared responsibility model and how to use Amazon security and monitoring tool to ensure security in an AWS cloud infrastructure. Student will learn about how AWS security tools can provide hardware, service, network and user activity monitoring, key management services, server and application firewall services and an introduction to implementing private and public subnets.
Introducing the Instructor
I’m George McKinney, a Software Developer based in Los Angeles. For 16 years, I have worked on projects for many companies including Acura, Disney, Samsung, LG, Kraft and numerous medium-sized firms and startups. My journey as a professional developer began at Los Angeles Community College where I studied C/C++, Java and Macromedia Flash. I learned computer science and applied it in marketing, sales, automation and communication solutions.
Instructor Contact Information
Please use the Canvas Inbox to send me an email so I receive push notification to my mobile phone and can respond to you faster. It will also keep all our course-related correspondence together.
I respond to emails and private messages within 24 hours, during the hours of 9:00 am to 9:00 pm, Monday through Friday, and 48 hours on weekends. My office hours are Wednesday and Friday afternoons, 2 to 4pm. I can also meet with you individually but contact me in advance to set a day and time.
Accommodation Statement for Students with Disabilities
The college and I are committed to your success here in this course. If you were not already aware we have resources described below for you. Please contact me if I can be of help or you need accomodations.
If you are a student with a disability and require classroom accommodations, please contact me to discuss arrangements. The sooner I am aware that you are eligible for accommodations, the quicker I will be able to provide them. If you have not done so already, you may also wish to contact the DSP&S Office in Instruction Building 1018 (phone 818-364-7732 / TTD (818) 364-7861 ) and ask them to contact me with a letter stating the accommodations that are needed.
Students requesting academic accommodations should first contact them online or by email download, otherwise use the following procedure:
Step 1: Obtain documentation of your disability from a licensed professional. You may contact DSPS to request a Disability Verification Form.
Step 2: Make an appointment to meet with a DSPS Specialist to review your documentation and discuss reasonable accommodations.
To schedule a meeting, please call DSPS at (818) 364-7732 download.
Step 3: Bring your disability documentation to your DSPS appointment. The DSPS office is located in room 1018 of the Instructional Building.
Step 4: Each semester, reach written accommodation agreement with the DSPS Specialist and your instructor.
To be most effective, students should complete this process by the end of the 3rd week of the semester. Tests with required accommodations must be taken at the DSPS office. Since this course is completely online, you can take tests where it is most comfortable for you.
To be most effective, students should complete this process by the end of the 3rd week of the semester. Tests with required accommodations must be taken at the DSPS office. Since this course is completely online, you can take tests where it is most comfortable for you.
Student Learning Outcomes
Student Learning Outcomes
- The student will develop an understanding of AWS Identity Access Management, event logging and system monitoring.
- The student will demonstrate an understanding of how to implement AWS networking and firewall configurations.
Course Objectives
Upon satisfactory completion of the course, students will be able to:
- Understanding AWS Global infrastructure security
- Describe the AWS Shared Responsibility Model
- Create users,roles with least amount of access
- Creating Virtual Private Subnets
- Use AWS tools to monitor user activity
- Use AWS tools to monitor network activity activity
- Use AWS tools to monitor instance activity and load balancing
- Log security events using AWS tools
- Configure firewall for public and private access to application resources
- Configure firewall for public and private access to instance resources
- Use AWS Key Management Service (KMS) to create and control the encryption keys and to protect the security of your keys.
- Use CloudTrail to monitor and analyze access to various resources.
New Skills
By the end of this course, you will :
- Create AWS Accounts (Root, Student, Professor)
- Configure AWS Config to Monitor All AWS Resources in your Region. Create a SNS topic and S3 bucket to store all AWS Configuration Items and History.
- IAM via CLI to create user and Setup Multi-Factor Authentication
- Setup VPC Public & Private Subnet and add a NAT gateway
- Use CloudTrail & CloudWatch tools to monitor user activity across the region.
- Setup up a CloudWatch Billing Alarm for fixed USD and Send SNS message to your email address.
- Configure AWS WAF – a web application firewall that protects web applications from attacks.
- Create security groups to act as a virtual firewall for an instance to control inbound and outbound traffic.
- Create, import, and rotate keys and define usage policies and audit usage.
- Use Trusted Advisor tool to verify setup is secure and optimally configured
Basis for Grading, Late Policy and Extra Credit
Unit Assignments
During the semester, assignments must be completed, by the scheduled date. You will be dropped from the class if you fail to turn in two assignments.
Homework is to be submitted by the due date (Friday midnight). Late homework will not receive full credit, but will be accepted until Sunday midnight for 10% penalty. Homework must be submitted using the blue Submit button on the assignment’s page.
If there are extenuating circumstances, send me a canvas message with the name of the assignment you wish to make a past due submission, and I will consider your request.
Threaded Discussions
Participation in the weekly discussion group online through Canvas is required. Threaded discussions account for 5% of your total grade, marks are rewarded on participation vs. non-participation.
Quizzes
Every week there will be a quizzes to assess the week’s modules.
Final Exam
A comprehensive final exam is at the end of the semester. It will cover most topics presented during the course.
Final Project
During the term, you will complete a class project. The project will consist of analyzing the design and development of a system which could utilize the cloud services discussed in class. You may either choose a system of your own or I will provide one that you can use that you will be familiar with if you cannot think of one from your own experience. You will be dropped from the class if you fail to complete the class project.
Course Assignments:
| Date | Details | Due |
|---|---|---|
| Thu Apr 15, 2021 | Assignment Accept Syllabus | due by 11:59pm |
| Fri Apr 16, 2021 | Assignment Introduce Yourself Ice Breaker | due by 11:59pm |
| Sun Apr 18, 2021 | Assignment Module 1 Lab: Create AWS Accounts (Root, Student, Professor) | due by 11:59pm |
| Assignment Quiz: Module 1 Security Introduction Quiz | due by 11:59pm | |
| Sun Apr 25, 2021 | Assignment Module 2 Lab: AWS Config & S3 Rule | due by 11:59pm |
| Assignment Quiz: Module 2 Shared Responsibility & AWS Config Quiz | due by 11:59pm | |
| Sun May 2, 2021 | Assignment Module 3 Lab 1: IAM CLI | due by 11:59pm |
| Assignment Module 3 Lab 2: IAM Multi-Factor Authentication | due by 11:59pm | |
| Assignment Quiz: Module 3 Identity Access Management | due by 11:59pm | |
| Sun May 9, 2021 | Assignment Module 4 Lab 1: CloudTrail Trail | due by 11:59pm |
| Assignment Module 4 Lab 2: CloudWatch Billing Alarm | due by 11:59pm | |
| Assignment Module 4 Lab 3: CloudWatch Event Rule | due by 11:59pm | |
| Assignment Quiz: Module 4 CloudTrail & CloudWatch | due by 11:59pm | |
| Sun May 16, 2021 | Assignment Module 5 Lab 1: Inspector | due by 11:59pm |
| Assignment Module 5 Lab 2: Trusted Advisor | due by 11:59pm | |
| Assignment Quiz: Module 5 Inspector & Trusted Advisor | due by 11:59pm | |
| Sun May 23, 2021 | Assignment Module 6 Lab 1: VPC Public & Private Subnet | due by 11:59pm |
| Assignment Module 6 Lab 2: VPC NAT | due by 11:59pm | |
| Assignment Quiz: Module 6 VPC & Route 53 | due by 11:59pm | |
| Sun May 30, 2021 | Assignment Quiz: Module 7 CloudFront, WAF & Shield | due by 11:59pm |
| Thu Jun 3, 2021 | Assignment Module 7 Lab 1: Tutorial | due by 11:59pm |
| Assignment Module 7 Lab 2: Preconfigured Rules w/ Lambda | due by 11:59pm | |
| Sun Jun 6, 2021 | Assignment Final Project | due by 11:59pm |
Final Letter Grade
Total Percentage
A = 90% -100%
B = 80% – 89%
C = 70% – 79%
D = 60% – 69%
F = 0% – 59%
Textbook and Class Materials
There are no required text books for this course. The course content and the videos in the Canvas shell shall be sufficient material to succeed in this course. We use Amazon website extensively to directly reference resources.
Advice for Class Success
Canvas
This course was created using the Course Management System (CMS) called Canvas. For instructions on how to use it, I recommend reviewing their training videos. This knowledge will be beneficial for you in other courses you take in the California Community College system.
Communication
If you have not used the Canvas mobile app for you phone, try it out. You can participate in discussions, view assignments and send messages enabling you to stay on top of the course. See Contacting the Instructor for more information.
Software
In order to access Amazon Web Services, you will need to use a supported web browser. At the present time, Amazon supports the following browsers:
- Google Chrome: latest 3 versions
- Mozilla Firefox: latest 3 versions
- Microsoft Edge: latest 3 versions
- Apple Safari: version latest 3 versions
Please use one of these supported products. Install this product on the computer you plan to use to access Amazon Web Services and the Canvas course shell.
Assessments
To do well in the course it is important that you complete the course work. For more detailed information, see the Basis for Grading page.
Class Attendance/Drop Policy
Attendance
Please contact me as early as possible if you will not be connected to the class longer for more than 3 days. I monitor the assignment submissions, discussions and conversations inbox for your participation. You are a valuable member of our learning community and we need you. Let me work with you to help keep you moving forward in your studies.
As per college policy, if a student is inactive for more than a week (if 8 week session) or two weeks (if 16 week session), the instructor may exclude the student from the class. For online class, this occurs when a student has not submitted assignments due that week. For materials covered in the class, refer to the schedule on Canvas. If a student misses two weeks in a row of assignments, they will be dropped.
Campus and Class Rules
Dishonesty, such as cheating or knowingly furnishing false information to instructors and college personnel, turning in work that is not one’s one will be grounds for disciplinary action at LAMC according to the Standards of Student Conduct as described on the LAMC Catalog. The penalty may range from no credit for the assignment up to an “F” grade and disciplinary action. Students are expected to adhere to all school policies, and to abide by the standards of student conduct as described in the Los Angeles Mission College Catalog. Any infringement upon the rights of other students in the class will not be tolerated. Please refer to LACCD Board Rule 9800 for further information.
Please read and be aware of the Student Code of Conduct for Los Angeles Mission College.