Advanced Networking – Specialty Certification Preparation for AWS

Advanced

LP Box Courses 17 Video Courses
LP Box quiz 6 Quiz sessions
LP Box Lab 6 Hands-on Labs
Duration 19h 38m
Karma ~700 karma points
Certificate 26176 students

This learning path prepares you for the AWS Network Specialty certification exam. The combination of practical courses, labs and quizzes deepens your knowledge and expertise in building and connecting AWS services and solutions. We cover content under the six domains outlined in the AWS exam guide.

Domain 1.0: Design and implement hybrid IT network architectures at scale.

In this domain we learn how to define network architectures on AWS and how to derive an appropriate architecture, and how to evaluate and optimize for performance and cost. We then explore the procedural concepts for the implementation of hybrid IT architecture connectivity.  We examine hybrid IT architecture connectivity solutions using BGP, VPN and AWS Direct Connect.

VPN and advanced subnetting - understand VPC Subnet configurations and VPC routing to ensure you architect your solution correctly and efficiently. The Subnets and Routing course looks and VPC Subnets and VPC Routing in detail, providing examples of both across different configurations and solutions and how to best implement your network design. In this domain we explore:

  • VPC Subnets
  • VPC CIDR Blocks - The effect of subnetting your VPC CIDR Block
  • VPC Subnets -  Public & Private Subnets
  • VPC Peering: Subnet Considerations - considerations when architecting your subnets in different VPC Peering configurations
  • Flow Logs: VPC Subnets
  • VPC Routing -Routing Fundamentals & Route Tables
  • Routing Priorities -
  • Routing: VPC Peering -  Routing: VPN Connection via a Virtual Private Gateway
  • Routing: Internet Gateways & NAT Gateways
  • Routing: VPC Endpoints - This lecture looks at the automatic routing configuration when creating a VPC Endpoint
  • VPC IPsec VPNs. We explain the IPsec security protocol, highlighting key components - providing explanations of what it is and why and where it is useful.

We describe in detail the individual parts of IPsec protocol suite, such as Authentication Headers and Encapsulating Security Payloads.

We review the triple AAA of security - Authenitication, Access and Authorization. We then explore Security Associations and Key negotiation phases such as IKE phase 1 and phase2. We will finish our IPsec theory with an explanation of the differences between the different network transportation modes, Transport mode and Tunnel mode. We examine where and how AWS uses and implements IPsec, introducing you to the VPC components Virtual Private Gateway, Customer Gateway, and VPN Connection.This section includes two VPC IPsec demonstrations. First we will create a Statically routed IPsec VPN between 2 VPCs. Then create a Dynamically routed IPsec VPN between 2 VPCs. We work with BGP to perform route advertisements and route propagation.

Domain 2.0: Design and implement AWS networks
In this domain we extend our knowledge of AWS networking concepts including:

OSI and TCP/IP networking models. We ensure you have an understanding of both models, useful for learning, architecting, and/or operating large scale networks. To start with, we will review the Open System Interconnection model, which is a 7 layer reference model used to aid both learning, building, and troubleshooting of networks. Next, we will review the TCP/IP model, a more simplified 4 layer model that is used in the implementation of real world networks such as the Internet and/or private networks such as corporate LANs.

Jumbo Frames We provide a detailed overview of Ethernet frames and how and what effect Jumbo Frames have when configured. Jumbo frames allow more than 1500 bytes of data by increasing the payload size per packet. We will review use cases and scenarios where Jumbo Frames are useful.We create a complete working demonstration - configuring a Jumbo Frame enabled network between 2 VPCs. We deploy an EC2 instance within each VPC, each instance will be configured with a pair of ENIs. We will establish policy based routing such that we end up with 2 network paths between the instances - the 1st network path will have a 1500 MTU - utilising ethernet standard frames, and the second network path will have a 9000 MTU - utilising ethernet jumbo frames. 

Domain 3.0: Automate AWS tasks
For domain 3 we examine and explore automation use cases including security and environment monitoring. We evaluate automation alternatives within AWS for network deployments

Evaluate tool-based alternatives within AWS for network operations and management

Domain 4.0: Configure network integration with application services

  • Evaluate DNS solutions in a hybrid IT architecture
  • Leverage the capabilities of Route 53
  • Determine the appropriate configuration of DHCP within AWS
  • Determine a content-distribution strategy to optimize for performance using Amazon CloudFront.

 Domain 5.0: Design and implement for security and compliance

  • Evaluate design requirements for alignment with security and compliance objectives.
  • Evaluate monitoring strategies in support of security and compliance objectives

Domain 6.0: Manage, optimize, and troubleshoot the network

We explore the tools and steps you can implement to troubleshoot and resolve network issues using hands on labs and quizzes.

 

Your Name Here
Preview certificate
Start

1

Introduction to the Networking Specialty Learning Path 

2

Description Creating and configuring a Virtual Private Cloud (VPC) within AWS can be a simple or difficult process. It all very much depends on the complexity of your requirements. For example, how many subnets and hosts will you require? will you be using one VPC or peering multiple VPCs together? Do you need to establish connectivity back to your on-premise network? Do you need internet ...

3

Securing your VPC using Public and Private subnets Lab Overview In this lab you will design a VPC with a public subnet, a private subnet, and a network address translation (NAT) instance in the public subnet.  A NAT instance enables instances in the private subnet to initiate outbound traffic to the Internet. This scenario is common when you have a public-facing web application, while maintaining ...

4

In this course, you will be introduced to Amazon VPC IPsec VPNs. We will first introduce you to the IPsec security protocol, highlighting key components - providing explanations of what it is and why and where it is useful. We will describe in detail the individual parts of IPsec protocol suite, such as Authentication Headers and Encapsulating Security Payloads. We will touch on Security ...

5

Lab Overview In this Lab, you will make strides in migrating an on-premises application into the AWS cloud. You will configure the networking between two VPCs, one for the frontend web tier and one for the backend API tier. As part of a real-world scenario, you will complete design requirements and debug network issues. Lab Objectives Upon completion of this Lab you will be able to: Connect VPCs ...

6

Lab Overview In this Lab, you will set up VPN connections with an Amazon Virtual Private Cloud (VPC) using dynamic routing as you make strides in migrating an on-premises application into the AWS cloud. You will configure the networking between your corporate network and an Amazon Virtual Private Cloud (VPC). The database (db) is hosted on-premises and the application is hosted in the cloud. As ...

7

In this training course you will be introduced to the OSI and TCP/IP networking models. This course will provide you with an understanding of both models, useful for learning, architecting, and/or operating large scale networks. To start with, we will review the Open System Interconnection model, which is a 7 layer reference model used to aid both learning, building, and troubleshooting of ...

8

In this course, you will be introduced to Jumbo Frames. We provide a detailed overview of Ethernet frames and how and what effect Jumbo Frames have when configured. Jumbo frames allow more than 1500 bytes of data by increasing the payload size per packet. We will review use cases and scenarios where Jumbo Frames are useful. In this course, we provide a complete working demonstration - configuring ...

9

In this course, we will perform an in-depth review of the IPv4 protocol. We will review general IPv4 networking concepts and provide detailed explanations for key parts of the IPv4 protocol. In particular, we will review IPv4 Addressing Notation IPv4 Classful Addressing IPv4 Classless Inter-Domain Routing IPv4 Reserved Addresses IPv4 Subnetting IPv4 Addressing Modes (Unicast, Broadcast, and ...

10

11

Amazon's Route 53 provides three services: record creation (which registers the human-readable names you'd like associated with your web domains), request handling (to direct web traffic to the right servers), and health checks (to ensure that traffic isn't being directed to servers that can't handle the load). Very few web-facing AWS deployments can really be considered complete without applying ...

12

Amazon CloudFront is a content delivery web service which integrates with other Amazon Web Services products to give you an easy way to distribute content to end users with low latency, high data transfer speeds, and no minimum usage commitments. During this course we will cover a range of topics from an introduction to what CloudFront is, to architectural considerations, to pricing and reports. ...

13

Even if many modern websites require complex server-side technologies to deliver dynamic content, many organizations still need pretty simple static websites just relying on HTML, CSS and Javascript. Nevertheless, even websites delivering static content need to scale and grant high availability, and a low latency, as the visits grow over time. In this course, the expert CloudAcademy's Senior ...

14

Learn a simple procedure to create an inexpensive, highly available, low-latency static website with Amazon S3 and a CloudFront content delivery network Lab Overview You can easily and inexpensively use Amazon Web Services (AWS) to host a website that uses client-side technologies (such as HTML, CSS, and JavaScript) and does not require server-side technologies (such as PHP and ASP.NET). This ...

15

16

Create a Content Delivery Network (CDN) Distribution using Amazon CloudFront Amazon CloudFront is a content delivery network (CDN) service. You can speed up the delivery of static files using the HTTP or the HTTPS protocols. You can stream audio or video contents in real time using the RTMP protocol. Each CloudFront distribution has a unique cloudfront.net domain name that can be used to ...

17

18

Cloud Security is a huge topic, mainly because it has so many different areas of focus. This course focuses on three areas that are fundamental, AWS Authentication, Authorisation and Accounting. These three topics can all be linked together and having an understanding of the different security controls from an authentication and authorization perspective can help you design the correct level of ...

19

Any information that helps to secure your Cloud infrastructure is of significant use to security engineers and architects, with AWS CloudTrail you have the ability to capture all AWS API calls made by users and/or services. Whenever an API request is made within your environment AWS CloudTrail can track that request with a host of metadata and record it in a Log which is then sent to AWS S3 for ...

21

With the ever-changing nature of Cloud Computing in AWS, through the use of Auto Scaling, and self-healing architecture mechanisms, having visibility and awareness of your AWS resources is invaluable. It can be difficult to understand what your resources within your infrastructure looks like, for example: • Understanding what resources you have • Having an awareness of the status of resource ...

22

23

Course Description: In this course we will discuss the fundamentals of Intrusion Detection and Prevention on Amazon Web Services. We will explore the difference between IDS and IPS, and the difference between host-based Intrusion Prevention, and Network based Intrusion prevention. We’ll also discuss the various AWS architectures, how do you place an IPS, how do you write rules, how do you respond ...

24

With the ever increasing threats of attacks against the integrity, confidentiality, and availability of your data within your organization, the need to ensure strict security procedures and processes is paramount and learn how to use Amazon Inspector is key. AWS offers a wide range of security services to help you achieve the level of security that you need to enforce within your environment, and ...

25

Modern AWS cloud deployments are increasingly distributed systems, comprising of many different components and services interacting with each other to deliver software. In order to ensure quality delivery, companies and DevOps teams need more sophisticated methods of monitoring their clouds, collecting operational metrics, and logging system occurrences. This course aims to teach advanced ...

26

AWS X-Ray makes it possible for you to monitor, trace and visualize activity across multiple application touch points.   In this course we will: Introduce the AWS X-Ray service and the functionality that it provides. Explain the functions of the AWS X-Ray service and how to use AWS X-Ray with other AWS services. Demonstrate how to use the AWS X-Ray Console - highlighting key areas such as the ...

27

Do you know what is going on within your AWS account? As deployments become increasingly complex and businesses allow developers more freedom to work with the AWS Cloud, understanding what users are doing becomes even more important. Governance on AWS is the practice of using AWS tools to ensure that the way AWS is used meets strategic goals for a company. More concretely, this usually refers to ...

29

networking-specialty-learning-path-conclusion
Complete all the steps to claim this certificate
Your Name Here
Advanced Networking – Specialty Certification Preparation for AWS
Certificate Sample