VPN concepts (for example, IPsec)
Using the AWS Well-Architected Tool to identify security gaps
Roles and responsibilities in the incident response plan
On-premises connectivity options (for example, AWS VPN, AWS Direct Connect)
Implementing network segmentation based on security requirements (for example, public subnets, private subnets, sensitive VPCs, on-premises connectivity)
Secure remote access methods (for example, SSH, RDP over Systems Manager Session Manager)
Designing mechanisms to prevent unauthorized public access (for example, S3 Block Public Access, prevention of public snapshots and public AMIs)
Evaluating logging and monitoring services for alignment with security requirements
Selecting appropriate protections based on anticipated vulnerabilities and risks (for example, vulnerable software, applications, libraries)
Evaluating IAM policy types for given requirements and workloads
Inter-VPC connectivity (for example, AWS Transit Gateway, VPC endpoints)
Deploying and configuring AWS Organizations
VPN technology, terminology, and usage
Analyzing access or authorization errors to determine cause or effect
Identifying and removing unnecessary network access
Investigating and analyzing to conduct root cause analysis (for example, by using Detective)