Problem Statement
Introduction
In this lab, we’re focused on training participants in cloud forensics by securing and monitoring AWS resources. Our goal is to detect unauthorized access to our AWS S3 bucket and respond to incidents in real time. We’ll be working with Dime AI, a financial chatbot hosted on AWS, as our use case to simulate these security scenarios.
Objectives
Our objectives for this lab are to:
- Configure AWS S3 with robust security and logging features.
- Set up real-time monitoring and alerts to catch unauthorized access attempts.
- Integrate NGINX as a reverse proxy to control access.
- Simulate and respond to potential intrusion scenarios.
Pre-requisites
To work effectively on this lab, each participant should:
- Have a basic understanding of AWS (S3, EC2, CloudTrail, Lambda, and SNS).
- Be comfortable with NGINX configuration basics.
- Have access to an AWS account with the necessary permissions.
- Be familiar with command-line tools and JSON, especially for parsing logs.
Lab Setup Overview
Here’s a quick overview of what we’ll be setting up:
- An AWS S3 bucket to host Dime AI’s application.