Common attacks, threats, and exploits (for example, Open Web Application Security Project [OWASP] Top 10, DDoS)
Constructing attribute-based access control (ABAC) and role-based access control (RBAC) strategies
Resource isolation mechanisms
Using CloudFormation to deploy cloud resources consistently and securely
Identifying patterns in logs to indicate anomalies and known threats
Root account best practices
AWS services that automate alerting (for example, Lambda, Amazon Simple Notification Service [Amazon SNS], Security Hub)
How to read relevant log sources (for example, Route 53 logs, AWS WAF logs, VPC Flow Logs)
Relevant data that indicates security events
Layered web application architecture
Defining layers of defense by combining edge security services (for example, CloudFront with AWS WAF and load balancers)
AWS services that monitor events and provide alarms (for example, CloudWatch, EventBridge)
Designing resource policies to restrict access to authorized users (for example, S3 bucket policies, DynamoDB policies)
Usage and management of symmetric keys and asymmetric keys (for example, AWS KMS)