AWS Global Infrastructure
AWS networking concepts (for example, Amazon VPC, AWS Direct Connect, AWS VPN, transitive routing, AWS container services)
Hybrid DNS concepts (for example, Amazon Route 53 Resolver, on-premises DNS integration)
Network segmentation (for example, subnetting, IP addressing, connectivity among VPCs)
Network traffic monitoring
Evaluating connectivity options for multiple VPCs
Evaluating connectivity options for on-premises, co-location, and cloud integration
Selecting AWS Regions and Availability Zones based on network and latency requirements
Troubleshooting traffic flows by using AWS tools
Using service endpoints for service integrations
AWS Identity and Access Management (IAM) and AWS IAM Identity Center (AWS Single Sign-On)
Route tables, security groups, and network ACLs
Encryption keys and certificate management (for example, AWS Key Management Service [AWS KMS], AWS Certificate Manager [ACM])
AWS security, identity, and compliance tools (for example, AWS CloudTrail, AWS Identity and Access Management Access Analyzer, AWS Security Hub, Amazon Inspector)
Evaluating cross-account access management
Integrating with third-party identity providers