How to build secure cloud on AWS

1. ‫ﺑﺎﺳﺗﺧدام‬ ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣوﺳﺑﺔ‬ ‫ﻋﻠﻰ‬ ‫أﻋﻣﺎﻟك‬ ‫ﻟﺣﻣﺎﯾﺔ‬ ‫ﻋﻣﻠﯾﺔ‬ ‫طرﯾﻘﺔ‬
‫اﻟﺗﻧﻔﯾذ‬ ‫إﻟﻰ‬ ‫اﻻﺳﺗراﺗﯾﺟﯾﺔ‬ ‫ﻣن‬ :‫ﻟﻠوﯾب‬ ‫أﻣﺎزون‬ ‫ﺧدﻣﺎت‬
Aladdin Dandis
Souq.com

2. ‫ﺗﻧوﯾﮫ‬
‫ﺑﺷرﻛﺔ‬ ‫ﯾﺧﺗص‬ ‫ﺗطﺑﯾق‬ ‫ﺑﺄي‬ ‫ﺑﻌﯾد‬ ‫أو‬ ‫ﻗرﯾب‬ ‫ﻣن‬ ‫ﻟﮫ‬ ‫ﻋﻼﻗﺔ‬ ‫وﻻ‬ ،‫ﺻرف‬ ‫ﺗﻌﻠﯾﻣﻲ‬ ‫واﻟﻣﺣﺎﺿرة‬ ‫اﻟﻣﺎدة‬ ‫ھذه‬ ‫ﻣن‬ ‫اﻟﻐرض‬ ‫إن‬
Amazon.com ‫ﺷرﻛﺔ‬ ‫أو‬ Souq.com

3. ‫اﻵن؟‬ ‫ﻧﺣن‬ ‫أﯾن‬

4. ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣوﺳﺑﺔ‬
.1‫اﻟﺧدﻣﺔ‬ ‫ﻣزود‬
.a‫اﻟﺗﺧزﯾن‬ ‫وﺣدات‬ ،‫اﻟﺗﺷﻐﯾل‬ ‫ﻧظﺎم‬ ،‫اﻟﺧوادم‬ ،‫اﻟﺷﺑﻛﺔ‬ :‫اﻟﺗﺣﺗﯾﺔ‬ ‫اﻟﺑﻧﯾﺔ‬
.b‫اﻹﯾﻣﯾل‬ ،‫اﻟوﯾب‬ ‫ﺧوادم‬ ،‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻗواﻋد‬ :‫اﻟﻌﻣل‬ ‫ﻣﻧﺻﺔ‬
.c‫ﻟﺦ‬ …‫اﻟﻛود‬ ‫إدارة‬ ،‫اﻟﻣﺣﺗوى‬ ‫إدارة‬ ،‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﺗﺣﻠﯾل‬ ،‫اﻹﻋﻼن‬ ‫ﺗطﺑﯾﻘﺎت‬ :‫اﻟﺗطﺑﯾق‬
.2‫ﺣﻣﺎﯾﺗﮭﺎ‬ ‫ﻣن‬ ‫ﻟﻠﺗﺄﻛد‬ ‫ﺗﻘﻧﯾﺔ‬ ‫ﺿواﺑط‬ ‫وﺿﻊ‬ ‫ﯾﺳﺗوﺟب‬ ‫ﻣﻣﺎ‬ ،‫اﻟﺧدﻣﺔ‬ ‫ﻣزود‬ ‫ﻋﻧد‬ ‫ﻣوزﻋﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬
.3‫اﻻﺳﺗﮭﻼك‬ ‫ﻣﻘدار‬ ‫ﻋﻠﻰ‬ ‫ﺗﻌﺗﻣد‬ ‫اﻟﺗﻛﻠﻔﺔ‬
.4‫اﻟﺗﻘﻧﯾﺔ‬ ‫ھذه‬ ‫اﺳﺗﺧدام‬ ‫ﻟﻣدى‬ ً‫ﺎ‬‫ﺗﺣدﯾ‬ ‫واﻷﻧظﻣﺔ‬ ‫اﻟﺗﺷرﯾﻌﺎت‬ ‫ﺗﻣﺛل‬ ،‫واﻟﻣﺻﺎرف‬ ‫اﻟﺣﻛوﻣﯾﺔ‬ ‫ﻣﺛل‬ ،‫اﻟﻘطﺎﻋﺎت‬ ‫ﺑﻌض‬ ‫ﻓﻲ‬
.5‫ﻋﻣﻼﺋك‬ ‫أﻣﺎم‬ ‫اﻟﻣﺳؤوﻟﯾﺔ‬ ‫ﻣن‬ SLAs ‫ﺗﻌﻔﯾك‬ ‫وﻻ‬ ،‫اﻷوﻟﻰ‬ ‫ﺑﺎﻟدرﺟﺔ‬ ‫اﻟﻣؤﺳﺳﺔ‬ ‫ﻣﺳؤوﻟﯾﺔ‬ ‫ھﻲ‬ ‫اﻟﻣﻌﻠوﻣﺎت‬ ‫أﻣن‬

5. ‫اﻟﻣﺷﺗرﻛﺔ‬ ‫اﻟﻣﺳؤوﻟﯾﺔ‬ ‫ﻧﻣوذج‬

6. ‫اﺳﺗراﺗﯾﺟﯾﺔ‬ ‫أﺳﺋﻠﺔ‬ 5
.1‫ﺑﯾﺎﻧﺎﺗﻲ؟‬ ‫ﺗﺗواﺟد‬ ‫أﯾن‬
.2‫اﻟﺑﯾﺎﻧﺎت؟‬ ‫ھذه‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﯾﻣﻠك‬ ‫ﻣن‬
.3‫اﻹﻧﺗرﻧت؟‬ ‫ﻋﺑر‬ ‫اﻟﻌﺎﻣﺔ‬ ‫إﻟﻰ‬ ‫ﻣﺗﺎﺣون‬ ‫ﻧﺣن‬ ‫ھل‬
.4‫اﻟﺷﺑﻛﺔ؟‬ ‫ﻣن‬ ‫ﯾﺧرج‬ ‫أو‬ ‫ﯾدﺧل‬ ‫ﻣﺎ‬ ‫ﻟﻛل‬ ‫ﺷﺎﻣﻠﺔ‬ ‫ﻣﻌرﻓﺔ‬ ‫ﻧﻣﺗﻠك‬ ‫ھل‬
.5‫ً؟‬‫ﻼ‬‫أﺻ‬ ‫ﻣﺧﺗرﻗون‬ ‫ﻧﺣن‬ ‫ھل‬

7. ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣوﺳﺑﺔ‬ ‫ﻓﻲ‬ ‫اﻷﻣﺎن‬ ‫آﻟﯾﺎت‬ ‫وﺗطور‬ ‫ﺗﻘﯾم‬ ‫ﻛﯾف‬
●:‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣوﺳﺑﺔ‬ ‫ﻣزود‬ ‫ﺧدﻣﺎت‬ ‫اﺳﺗﺧدم‬
○(CLI, APIs, SaaS and build custom scripts (Bash, Python, Boto…etc
●‫اﻟﻣﺻدر‬ ‫ﻣﻔﺗوﺣﺔ‬ ‫أو‬ ‫اﻟﺗﺟﺎرﯾﺔ‬ :‫اﻟﻣﺗواﻓرة‬ ‫اﻟﺑراﻣﺞ‬ ‫اﺳﺗﺧدم‬

8. ‫اﻷﻣﻧﻲ‬ ‫اﻟﺗﻘﯾﯾم‬ ‫آﻟﯾﺎت‬

9. AWS ‫ﺧدﻣﺎت‬ ‫ﻋﻠﻰ‬ ‫ﻋﻣﻠﻲ‬ ‫ﺗطﺑﯾق‬

10. ‫إﻧﺗرﻧت‬ ‫ﻣوﻗﻊ‬ ‫ﻣﻛوﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫ﻣﺛﺎل‬
●‫اﻟوﯾب‬ ‫ﺧﺎدم‬
●‫اﻟوب‬ ‫ﺗطﺑﯾق‬ ‫ﺧﺎدم‬
●‫اﻟﺧﻠﻔﻲ‬ ‫اﻟﺗطﺑﯾق‬ ‫ﺧﺎدم‬
●‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻗواﻋد‬
●‫اﻟﻣﻠﻔﺎت‬ ‫ﻣﺷﺎرﻛﺔ‬
●‫اﻟﻣؤﻗت‬ ‫اﻟﺗﺧزﯾن‬ ‫طﺑﻘﺔ‬

11. ‫إﻧﺗرﻧت‬ ‫ﻣوﻗﻊ‬ ‫ﻣﻛوﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫ﻣﺛﺎل‬
DynamoDB
EC2
S3
RDS
VPC
Lambda

12. ‫إﻧﺗرﻧت‬ ‫ﻣوﻗﻊ‬ ‫ﻣﻛوﻧﺎت‬ ‫ﻋﻠﻰ‬ ‫ﻣﺛﺎل‬
Component AWS Mapping Description
Back End Server EC2 Elastic Cloud Computing
Controllers Server Lambda event-driven, serverless
computing platform
Database RDS Relational DB Service
File Storage S3 Simple Storage Service
Networking VPC Virtual Private Cloud
Users and Keys IAM Identity and Access Mgmt

13. ‫اﺳﺗراﺗﯾﺟﯾﺔ‬ ‫أﺳﺋﻠﺔ‬ 5
.1‫ﺑﯾﺎﻧﺎﺗﻲ؟‬ ‫ﺗﺗواﺟد‬ ‫أﯾن‬
.2‫اﻟﺑﯾﺎﻧﺎت؟‬ ‫ھذه‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﯾﻣﻠك‬ ‫ﻣن‬
.3‫اﻹﻧﺗرﻧت؟‬ ‫ﻋﺑر‬ ‫اﻟﻌﺎﻣﺔ‬ ‫إﻟﻰ‬ ‫ﻣﺗﺎﺣون‬ ‫ﻧﺣن‬ ‫ھل‬
.4‫اﻟﺷﺑﻛﺔ؟‬ ‫ﻣن‬ ‫ﯾﺧرج‬ ‫أو‬ ‫ﯾدﺧل‬ ‫ﻣﺎ‬ ‫ﻟﻛل‬ ‫ﺷﺎﻣﻠﺔ‬ ‫ﻣﻌرﻓﺔ‬ ‫ﻧﻣﺗﻠك‬ ‫ھل‬
.5‫ً؟‬‫ﻼ‬‫أﺻ‬ ‫ﻣﺧﺗرﻗون‬ ‫ﻧﺣن‬ ‫ھل‬

14. ‫ﺑﯾﺎﻧﺎﺗﻲ؟‬ ‫ﺗوﺟد‬ ‫أﯾن‬
.1:‫اﻹﻟﻛﺗروﻧﯾﺔ‬ ‫اﻟﺳﺣﺎﺑﺔ‬ ‫داﺧل‬ ‫ﺻورة‬ ‫ﻣن‬ ‫أﻛﺛر‬ ‫ﻓﻲ‬ ‫ﺗﺗواﺟد‬
.a‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻗواﻋد‬
.b‫اﻟﻣﻠﻔﺎت‬ ‫ﻣﺷﺎرﻛﺔ‬
.c‫اﻟﺣرﻛﺎت‬ ‫ﺳﺟﻼت‬ ‫ﻣﻠﻔﺎت‬
.d(‫)اﻟﻣوظﻔﯾن‬ ‫اﻟﻣﺳﺗﺧدﻣﯾن‬ ‫أﺟﮭزة‬
.e‫اﻻﺣﺗﯾﺎطﯾﺔ‬ ‫اﻟﺣﻔظ‬ ‫وﺳﺎﺋط‬
.f‫واﻟﺗطوﯾر‬ ‫اﻟﺑرﻣﺟﺔ‬ ‫ﺑﯾﺋﺔ‬ ‫ﺧوادم‬
.2‫ﻣﺧﺻﺻﺔ‬ ‫ﻓﻼﺗر‬ ‫ﻋﻠﻰ‬ ً‫ا‬‫اﻋﺗﻣﺎد‬ ‫واﻟﺣﺳﺎﺳﺔ‬ ‫اﻟﺳرﯾﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻋن‬ ‫اﻟﻛﺷف‬ ‫ﻓﻲ‬ Macie ‫ﺧدﻣﺔ‬ ‫ﺗﺳﺎﻋد‬

15. ‫اﺳﺗراﺗﯾﺟﯾﺔ‬ ‫أﺳﺋﻠﺔ‬ 5
.1‫ﺑﯾﺎﻧﺎﺗﻲ؟‬ ‫ﺗﺗواﺟد‬ ‫أﯾن‬
.2‫اﻟﺑﯾﺎﻧﺎت؟‬ ‫ھذه‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﯾﻣﻠك‬ ‫ﻣن‬
.3‫اﻹﻧﺗرﻧت؟‬ ‫ﻋﺑر‬ ‫اﻟﻌﺎﻣﺔ‬ ‫إﻟﻰ‬ ‫ﻣﺗﺎﺣون‬ ‫ﻧﺣن‬ ‫ھل‬
.4‫اﻟﺷﺑﻛﺔ؟‬ ‫ﻣن‬ ‫ﯾﺧرج‬ ‫أو‬ ‫ﯾدﺧل‬ ‫ﻣﺎ‬ ‫ﻟﻛل‬ ‫ﺷﺎﻣﻠﺔ‬ ‫ﻣﻌرﻓﺔ‬ ‫ﻧﻣﺗﻠك‬ ‫ھل‬
.5‫ً؟‬‫ﻼ‬‫أﺻ‬ ‫ﻣﺧﺗرﻗون‬ ‫ﻧﺣن‬ ‫ھل‬

16. ‫اﻟﺑﯾﺎﻧﺎت؟‬ ‫ھذه‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﯾﻣﻠك‬ ‫ﻣن‬
.1‫واﻟﺧدﻣﺎت‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫إﻟﻰ‬ ‫ﻟﻠوﺻول‬ ‫اﻟﻣﺳﺗﺧدﻣﯾن‬ ‫ﺻﻼﺣﯾﺎت‬ ‫ﺿﺑط‬ ‫ﻓﻲ‬ IAM ‫اﺳﺗﺧدم‬
.a"Roles ‫"أدوار‬ ‫ﺗﺣدﯾد‬ ‫ﯾﻣﻛﻧك‬
.b‫واﻟﻣﻣﻧوع‬ ‫اﻟﻣﺳﻣوح‬ ‫ﺗﺣدد‬ ‫اﻟﺗﻲ‬ ‫اﻟﺳﯾﺎﺳﺎت‬ ‫ﺣدد‬ ،‫دور‬ ‫ﻟﻛل‬
.c:‫ﻧوﻋﺎن‬ ‫اﻟﺳﯾﺎﺳﺎت‬
.i‫ﺗﺧﺻﯾﺻﮭﺎ‬ ‫ﯾﻣﻛن‬ ‫وﻻ‬ ‫أﻣﺎزون‬ ‫ﺗﺿﻌﮭﺎ‬ :‫ﻣﻌﯾﺎرﯾﺔ‬
.ii‫اﻟﻌﻣل‬ ‫اﺣﺗﯾﺎﺟﺎت‬ ‫ﻋﻠﻰ‬ ً‫ا‬‫اﻋﺗﻣﺎد‬ ‫ﺗﺧﺻﺻﯾﮭﺎ‬ ‫ﯾﻣﻛن‬ :‫ﻣﺧﺻﺻﺔ‬
.d:‫اﻟﮭوﯾﺔ‬ ‫ﻣن‬ ‫ﻟﻠﺗﺣﻘق‬ ‫أﻧواع‬ ‫ﺛﻼﺛﺔ‬ ‫ﺗوﺟد‬
.i‫ﻣرور‬ ‫وﻛﻠﻣﺔ‬ ‫ﻣﺳﺗﺧدم‬ ‫اﺳم‬
.iiKey/Secret ‫ﺳري‬ ‫ورﻗم‬ ‫ﻣﻔﺗﺎح‬ ‫اﺳﺗﺧدام‬
.iiiLDAP ‫اﺳﺗﺧدام‬
.2‫اﻟﺳوداء‬ ‫أو‬ ‫اﻟﺑﯾﺿﺎء‬ ‫اﻟﻘواﺋم‬ ‫ﻋﻠﻰ‬ ً‫ا‬‫اﻋﺗﻣﺎد‬ ‫ﺧﺎﺻﺔ‬ ‫ﺳﯾﺎﺳﺔ‬ ‫ﺑﺿﺑط‬ ‫ﺗﺳﻣﺢ‬ S3 ‫ﻣﺛل‬ ‫اﻟﻣوارد‬ ‫ﺑﻌض‬
.3‫ﺳواء‬ ،‫واﻟﺣﺳﺎﺳﺔ‬ ‫اﻟﺳرﯾﺔ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻋن‬ ‫اﻟﺗﺷﻔﯾر‬ ‫وﻓك‬ ‫اﻟﺗﺷﻔﯾر‬ ‫ﻣﻔﺎﺗﯾﺢ‬ ‫ﺗوزﯾﻊ‬ ‫ﻓﻲ‬ KMS ‫اﻟﺗﺷﻔﯾر‬ ‫ﻣﻔﺎﺗﯾﺢ‬ ‫إدارة‬ ‫ﻧظﺎم‬ ‫اﺳﺗﺧدم‬
‫اﻷﺧرى‬ ‫اﻷﻣﺎزون‬ ‫ﺣﺳﺎﺑﺎت‬ ‫ﺣﺗﻰ‬ ‫أو‬ ،‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻗواﻋد‬ ‫أو‬ ‫اﻟﺧوادم‬ ‫أو‬ ‫اﻟﻣﺳﺗﺧدﻣﯾن‬ ‫ﻋﻠﻰ‬

17. ‫اﺳﺗراﺗﯾﺟﯾﺔ‬ ‫أﺳﺋﻠﺔ‬ 5
.1‫ﺑﯾﺎﻧﺎﺗﻲ؟‬ ‫ﺗﺗواﺟد‬ ‫أﯾن‬
.2‫اﻟﺑﯾﺎﻧﺎت؟‬ ‫ھذه‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﯾﻣﻠك‬ ‫ﻣن‬
.3‫اﻹﻧﺗرﻧت؟‬ ‫ﻋﺑر‬ ‫اﻟﻌﺎﻣﺔ‬ ‫إﻟﻰ‬ ‫ﻣﺗﺎﺣون‬ ‫ﻧﺣن‬ ‫ھل‬
.4‫اﻟﺷﺑﻛﺔ؟‬ ‫ﻣن‬ ‫ﯾﺧرج‬ ‫أو‬ ‫ﯾدﺧل‬ ‫ﻣﺎ‬ ‫ﻟﻛل‬ ‫ﺷﺎﻣﻠﺔ‬ ‫ﻣﻌرﻓﺔ‬ ‫ﻧﻣﺗﻠك‬ ‫ھل‬
.5‫ً؟‬‫ﻼ‬‫أﺻ‬ ‫ﻣﺧﺗرﻗون‬ ‫ﻧﺣن‬ ‫ھل‬

18. ‫اﻹﻧﺗرﻧت؟‬ ‫ﻋﺑر‬ ‫اﻟﻌﺎﻣﺔ‬ ‫إﻟﻰ‬ ‫ﻣﺗﺎﺣون‬ ‫ﻧﺣن‬ ‫ھل‬
Security Groups ‫اﻷﻣﻧﯾﺔ‬ ‫اﻟﻣﺟﻣوﻋﺎت‬ ‫ﺗﻘﻧﯾﺔ‬
.1‫اﻟﻧﺎري‬ ‫اﻟﺟدار‬ ‫ﻣﻘﺎم‬ ‫ﺗﻘوم‬
.2:‫ﻣﺳﺗوى‬ ‫ﻋﻠﻰ‬ ‫اﻟﺳوداء‬ ‫أو‬ ‫اﻟﺑﯾﺿﺎء‬ ‫اﻟﻘواﺋم‬ ‫ﺗطﺑﯾق‬
.aIPs
.bPorts
.cProtocols
VPC ‫اﻟﺧﺎﺻﺔ‬ ‫اﻻﻓﺗراﺿﯾﺔ‬ ‫اﻟﺳﺣﺎﺑﺔ‬ ‫ﺗﻘﻧﯾﺔ‬
.1،‫اﻟﺷﺑﻛﺔ‬ ‫طﺑﯾﻌﺔ‬ ‫ﻋﻠﻰ‬ ً‫ا‬‫اﻋﺗﻣﺎد‬ ‫ﻣﺣﻠﯾﺔ‬ ‫إﻧﺗرﻧت‬ ‫ﻋﻧﺎوﯾن‬ ‫ﺑوﺿﻊ‬ ‫ﺗﺳﻣﺢ‬
‫اﻟﻌﺎﻣﺔ‬ ‫ﻋن‬ ‫اﻟﺧوادم‬ "‫"إﺧﻔﺎء‬ ‫ﻓﻲ‬ ‫ﯾﺳﺎھم‬ ‫ﻣﻣﺎ‬
.2‫ﻛﺷف‬ ‫وأﻧظﻣﺔ‬ ‫اﻟﻧﺎرﯾﺔ‬ ‫واﻟﺟدران‬ ‫اﻟﺑروﻛﺳﻲ‬ ‫ﺗﻘﻧﯾﺎت‬ ‫ﺗطﺑﯾق‬ ‫ﯾﻣﻛﻧك‬
IDS/IPS ‫اﻟﺗﺳﻠل‬ ‫وﻣﻧﻊ‬

19. ‫اﺳﺗراﺗﯾﺟﯾﺔ‬ ‫أﺳﺋﻠﺔ‬ 5
.1‫ﺑﯾﺎﻧﺎﺗﻲ؟‬ ‫ﺗﺗواﺟد‬ ‫أﯾن‬
.2‫اﻟﺑﯾﺎﻧﺎت؟‬ ‫ھذه‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﯾﻣﻠك‬ ‫ﻣن‬
.3‫اﻹﻧﺗرﻧت؟‬ ‫ﻋﺑر‬ ‫اﻟﻌﺎﻣﺔ‬ ‫إﻟﻰ‬ ‫ﻣﺗﺎﺣون‬ ‫ﻧﺣن‬ ‫ھل‬
.4‫اﻟﺷﺑﻛﺔ؟‬ ‫ﻣن‬ ‫ﯾﺧرج‬ ‫أو‬ ‫ﯾدﺧل‬ ‫ﻣﺎ‬ ‫ﻟﻛل‬ ‫ﺷﺎﻣﻠﺔ‬ ‫ﻣﻌرﻓﺔ‬ ‫ﻧﻣﺗﻠك‬ ‫ھل‬
.5‫ً؟‬‫ﻼ‬‫أﺻ‬ ‫ﻣﺧﺗرﻗون‬ ‫ﻧﺣن‬ ‫ھل‬

20. ‫اﻟﺷﺑﻛﺔ؟‬ ‫ﻣن‬ ‫ﯾﺧرج‬ ‫أو‬ ‫ﯾدﺧل‬ ‫ﻣﺎ‬ ‫ﻟﻛل‬ ‫ﺷﺎﻣﻠﺔ‬ ‫ﻣﻌرﻓﺔ‬ ‫ﻧﻣﺗﻠك‬ ‫ھل‬
Alerts and Alarms ‫واﻟﺗواﺻل‬ ‫اﻟﺗﺣذﯾر‬ ‫وﺳﺎﺋل‬
.1‫رﺳﺎﺋل‬ ‫ﺑﺈرﺳﺎل‬ ‫ﻟﺗﻘوم‬ ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣرﻛﺎت‬ ‫ﺳﺟل‬ ‫ﺗﻘﻧﯾﺎت‬ ‫ﺿﺑط‬ ‫ﯾﻣﻛﻧك‬
‫ﻣن‬ ‫إﺟراء‬ ‫اﺗﺧﺎذ‬ ‫ﯾﺳﺗدﻋﻲ‬ ‫أﻣر‬ ‫ﺣدوث‬ ‫ﺣﺎل‬ ‫ﻓﻲ‬ SMS ‫أو‬ ‫إﯾﻣﯾل‬
SNS/SES/SQS ‫ﺧﻼل‬
.2‫ﺑﺷﻛل‬ ‫إﺟراء‬ ‫اﺗﺧﺎذ‬ ‫ﻋﻣﻠﯾﺔ‬ ‫ﻓﻲ‬ Lambda ‫ﺧدﻣﺔ‬ ‫ﺗوظﯾف‬ ‫ﯾﻣﻛﻧك‬
‫اﻟﻘواﺋم‬ ‫ﺗﺣدﯾث‬ ‫ﻣﺛل‬ ،‫اﻟﻧظﺎم‬ ‫ﻣدراء‬ ‫ﻟﺗدﺧل‬ ‫اﻟﺣﺎﺟﺔ‬ ‫دون‬ ‫أوﺗوﻣﺎﺗﯾﻛﻲ‬
Bruteforce ‫ھﺟوم‬ ‫ﻧﻣط‬ ‫ﻋﻠﻰ‬ ً‫ا‬‫اﻋﺗﻣﺎد‬ ‫اﻟﺳوداء‬ ‫أو‬ ‫اﻟﺑﯾﺿﺎء‬
.3‫ﻓﻲ‬ ‫ﻟﻠﻣﺳﺎﻋدة‬ SIEM ‫ﺣﻠول‬ ‫أي‬ ‫إﻟﻰ‬ ‫اﻟرﺳﺎﺋل‬ ‫ھذه‬ ‫ﺗﺣوﯾل‬ ‫ﯾﻣﻛﻧك‬
‫اﻟﺷﺑﻛﺔ‬ ‫داﺧل‬ ‫ﻣﺷﺎﻛل‬ ‫أو‬ ‫ھﺟﻣﺎت‬ ‫أي‬ ‫ﻋن‬ ‫اﻟﻛﺷف‬
CloudTrail ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣرﻛﺎت‬ ‫ﺳﺟل‬
.1‫اﻟواﺟﮭﺎت‬ ‫ﻣﻊ‬ ‫اﻟﻣﺳﺗﺧدم‬ ‫ﺑﮭﺎ‬ ‫ﯾﻘوم‬ ‫اﻟﺗﻲ‬ ‫اﻷواﻣر‬ ‫ﺟﻣﯾﻊ‬ ‫ﺑﺗﺳﺟﯾل‬ ‫ﯾﻘوم‬
AWS APIs :‫أﻣﺎزون‬ ‫ﺧدﻣﺎت‬ ‫ﻟﻣزود‬ ‫اﻟطرﻓﯾﺔ‬
.2‫ﻟوﺣﺔ‬ ‫ﻟﻌﻣل‬ ‫اﻟﺧﺎﺻﺔ‬ ‫اﻻﺳﺗﺧداﻣﺎت‬ ‫ﻣن‬ ‫اﻟﻌدﯾد‬ ‫ﺑﺑﻧﺎء‬ ‫ﺗﻘوم‬ ‫أن‬ ‫ﯾﻣﻛن‬
CloudWatch ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟرؤﯾﺔ‬ ‫ﺧدﻣﺔ‬ ‫ﺑﺎﺳﺗﺧدام‬ Dashboard
.3‫ﻋن‬ ‫اﻹﻟﻛﺗروﻧﯾﺔ‬ ‫ﺳﺣﺎﺑﺗك‬ ‫ﻋﻠﻰ‬ ‫ﺗﺣدث‬ ‫اﻟﺗﻲ‬ ‫اﻟﺗﻐﯾﯾرات‬ ‫ﻛﺎﻓﺔ‬ ‫ﺗﺗﺑﻊ‬ ‫ﯾﻣﻛن‬
Config ‫ﺧدﻣﺔ‬ ‫اﺳﺗﺧدام‬ ‫طرﯾق‬
.4VPC Flow ‫ﺑﺎﺳﺗﺧدام‬ ‫اﻟﺷﺑﻛﺔ‬ ‫ﻋﻠﻰ‬ ‫ﯾﺣدث‬ ‫ﻣﺎ‬ ‫ﺟﻣﯾﻊ‬ ‫ﺗﺗﺑﻊ‬ ‫ﯾﻣﻛن‬
Logs

21. ‫اﺳﺗراﺗﯾﺟﯾﺔ‬ ‫أﺳﺋﻠﺔ‬ 5
.1‫ﺑﯾﺎﻧﺎﺗﻲ؟‬ ‫ﺗﺗواﺟد‬ ‫أﯾن‬
.2‫اﻟﺑﯾﺎﻧﺎت؟‬ ‫ھذه‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﯾﻣﻠك‬ ‫ﻣن‬
.3‫اﻹﻧﺗرﻧت؟‬ ‫ﻋﺑر‬ ‫اﻟﻌﺎﻣﺔ‬ ‫إﻟﻰ‬ ‫ﻣﺗﺎﺣون‬ ‫ﻧﺣن‬ ‫ھل‬
.4‫اﻟﺷﺑﻛﺔ؟‬ ‫ﻣن‬ ‫ﯾﺧرج‬ ‫أو‬ ‫ﯾدﺧل‬ ‫ﻣﺎ‬ ‫ﻟﻛل‬ ‫ﺷﺎﻣﻠﺔ‬ ‫ﻣﻌرﻓﺔ‬ ‫ﻧﻣﺗﻠك‬ ‫ھل‬
.5‫ً؟‬‫ﻼ‬‫أﺻ‬ ‫ﻣﺧﺗرﻗون‬ ‫ﻧﺣن‬ ‫ھل‬

22. ‫ً؟‬‫ﻼ‬‫أﺻ‬ ‫ﻣﺧﺗرﻗون‬ ‫ﻧﺣن‬ ‫ھل‬
.1‫ﺗﺳﺗﮭدف‬ ‫اﻟﺗﻲ‬ ‫اﻟﮭﺟﻣﺎت‬ ‫أو‬ ‫اﻟﺧدﻣﺔ‬ ‫ﻣﻧﻊ‬ ‫ھﺟﻣﺎت‬ ‫ﻣن‬ ‫اﻟﺣﻣﺎﯾﺔ‬ ‫ﻓﻲ‬ AWS Shield / AWS WAF ‫ﺧدﻣﺔ‬ ‫ﺗﺳﺎﻋد‬
Layer 7 Attacks ‫اﻟﺗطﺑﯾﻘﺎت‬
.2‫ﻋن‬ ‫ﻟﻠﻛﺷف‬ ‫اﻹﻟﻛﺗروﻧﯾﺔ‬ ‫ﺳﺣﺎﺑﺗك‬ ‫إﻋدادات‬ ‫ﻋﻠﻰ‬ ‫دوري‬ ‫ﻓﺣص‬ ‫إﺟراء‬ ‫ﻓﻲ‬ Trusted Advisor ‫ﺧدﻣﺔ‬ ‫ﺗﺳﺎﻋد‬
‫ﺗﺧﺻﯾص‬ ‫دون‬ ‫ﻟﻠﻌﺎﻣﺔ‬ ‫ﻣﻔﺗوح‬ FTP ‫ﺑورت‬ ‫ﻋن‬ ‫اﻟﻛﺷف‬ ‫ﻣﺛل‬ ،‫أﻣﻧﯾﺔ‬ ‫أو‬ ‫ﺗﺷﻐﯾﻠﯾﺔ‬ ‫ﻣﺷﺎﻛل‬ ‫ﺗﺳﺑب‬ ‫أن‬ ‫ﯾﻣﻛن‬ ‫اﻟﺗﻲ‬ ‫اﻻﻋدادات‬
.3‫ﻛﺛﯾرة‬ ‫طﻠﺑﺎت‬ ‫ﯾرﺳل‬ ‫ﺧﺎدم‬ ‫وﺟود‬ ‫ﻣﺛل‬ ،‫اﻟﺷﺑﻛﺔ‬ ‫ﻣﺳﺗوى‬ ‫ﻋﻠﻰ‬ "‫"ﻣﺷﺑوھﺔ‬ ‫ﻋﻣﻠﯾﺎت‬ ‫أي‬ ‫ﺗﺣدﯾد‬ ‫ﻓﻲ‬ GuarDuty ‫ﺧدﻣﺔ‬ ‫ﺗﺳﺎﻋد‬
‫ﺷﺑﻛﺔ‬ ‫ﻣن‬ ً‫ا‬‫ﺟزء‬ ‫ﺗﻛون‬ ‫أن‬ ‫أو‬ ‫ﺑﯾﺎﻧﺎت‬ ‫ﺗﺳرﯾب‬ ‫ﻋﻣﻠﯾﺔ‬ ‫ﻓﻲ‬ ‫اﻟﺗﺣﻘﯾق‬ ‫ﯾﺳﺗدﻋﻲ‬ ‫ﻣﻣﺎ‬ ،‫اﻟﺷﺑﻛﺔ‬ ‫ﺧﺎرج‬ ‫ﻣﻌﯾن‬ ‫ﺧﺎدم‬ ‫إﻟﻰ‬ ً‫ا‬‫ﺟد‬
Botnet
.4‫ﺧوادﻣك‬ ‫اﺧﺗراق‬ ‫ﻓﻲ‬ ‫ﺗﺗﺳﺑب‬ ‫أن‬ ‫ﯾﻣﻛن‬ ‫أﻣﻧﯾﺔ‬ ‫ﺛﻐرة‬ ‫أي‬ ‫ﻹﯾﺟﺎد‬ ‫اﻟﺧوادم‬ ‫ﻓﺣص‬ ‫ﻓﻲ‬ Inspector ‫ﺧدﻣﺔ‬ ‫ﺗﺳﺎﻋد‬

23. 1 ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣوﺳﺑﺔ‬ ‫ﻣﺧﺎطر‬ ‫ﺳﺟل‬ :‫ﻣﺛﺎل‬
‫اﻟﻣﺧﺎطر‬ ‫اﻷﺛر‬ ‫اﻟﺗﺄﺛﯾر‬ ‫ﻣﻘدار‬ ‫اﻟﻛﺷف‬ ‫طرﯾﻘﺔ‬ ‫اﻟﻌﻼج‬
EC2 ‫ﻗدﯾﻣﺔ‬ ‫ﺗطﺑﯾﻘﺎت‬ ‫ﻓﯾﮭﺎ‬ ‫ﺗﻛون‬ ‫ﻗد‬ ‫اﻟﺗطﺑﯾﻘﺎت‬ ‫ھذه‬
‫ﻓﻲ‬ ‫ﺗﺗﺳﺑب‬ ‫أن‬ ‫ﯾﻣﻛن‬ ‫ﺛﻐرات‬
‫ﻟﮭﺎ‬ ‫اﻟﮭﺎﻛرز‬ ‫اﺧﺗراق‬
‫ﻋﺎﻟﻲ‬ Lynis, AWS
Inspector
‫اﻟﺗطﺑﯾﻘﺎت‬ ‫ﺗﺣدﯾث‬
EC2 ‫اﻟﻣﻠﻔﺎت‬ ‫ﺗﻐﯾﯾر‬
‫ﻏﯾر‬ ‫ﺑﺷﻛل‬
‫ﺑﮫ‬ ‫ﻣﺻرح‬
‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﺗﺳرﯾب‬
‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﺗﺧرﯾب‬
‫ﻋﺎﻟﻲ‬ Auditd, OSSEC,
FIM
‫ﺿﺑط‬ ‫وﺳﺎﺋل‬ ‫ﺗﻌزﯾز‬
‫اﻟﻧﻔﺎذ‬
Lambda ‫اﻟوﺻول‬ ‫ﯾﻣﻛن‬
‫ﺷﻔرة‬ ‫إﻟﻰ‬
‫ﻣن‬ ‫اﻟﺑرﻧﺎﻣﺞ‬
‫اﻟﻌﺎﻣﺔ‬
‫إﻋدادات‬ ‫إﻟﻰ‬ ‫اﻟوﺻول‬ ‫ﯾﻣﻛن‬
‫ﻣن‬ ‫اﻟﺑرﻧﺎﻣﺞ‬ ‫وﺛﻐرات‬
‫ﻓﻲ‬ ‫ﯾﺗﺳﺑب‬ ‫ﻗد‬ ‫ﻣﻣﺎ‬ ،‫اﻟﻌﺎﻣﺔ‬
‫ﻟﮭﺎ‬ ‫اﻟﮭﺎﻛرز‬ ‫اﺧﺗراق‬
‫ﻣﺗوﺳط‬ Use AWS CLI
:command
Aws lambda --
((...etc
‫وﺳﺎﺋل‬ ‫ﻣراﺟﻌﺔ‬
‫إﻟﻰ‬ ‫اﻟﻧﻔﺎذ‬ ‫ﺿﺑط‬
‫واﺳﺗﺧدام‬ ،‫اﻟﺷﻔرة‬
‫اﻟﺷﻔرة‬ ‫ﻣﺳﺢ‬ ‫ﺑراﻣﺞ‬
‫أﻣﻧﯾﺔ‬ ‫ﻧﺎﺣﯾﺔ‬ ‫ﻣن‬

24. 2 ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣوﺳﺑﺔ‬ ‫ﻣﺧﺎطر‬ ‫ﺳﺟل‬ :‫ﻣﺛﺎل‬
‫اﻟﻣﺧﺎطر‬ ‫اﻷﺛر‬ ‫ﻣﻘدار‬
‫اﻟﺗﺄﺛﯾر‬
‫اﻟﻛﺷف‬ ‫طرﯾﻘﺔ‬ ‫اﻟﻌﻼج‬
RDS ‫اﻟﻣﺑرﻣﺟون‬ ‫ﯾﻣﻠك‬
‫إﻟﻰ‬ ‫اﻟﻧﻔﺎذ‬ ‫ﺻﻼﺣﯾﺔ‬
‫ﻓﻲ‬ ‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﻗواﻋد‬
‫اﻹﻧﺗﺎج‬ ‫ﺑﯾﺋﺔ‬
‫ﻣﻌﻠوﻣﺎت‬ ‫اﻟﻣﺑرﻣﺟون‬ ‫ﯾﺳﺗﻐل‬ ‫ﻗد‬
‫طرف‬ ‫ﺻﺎﻟﺢ‬ ‫أو‬ ‫ﻟﺻﺎﻟﺣﮭم‬ ‫اﻟﻌﻣﻼء‬
‫أو‬ ‫ﺑﺗﺧرﯾب‬ ‫ﯾﺗﺳﺑﺑون‬ ‫ﻗد‬ ‫أو‬ ،‫ﺧﺎرﺟﻲ‬
‫اﻟﺑﯾﺎﻧﺎت‬ ‫ﺗﻐﯾﯾر‬
‫ﻋﺎﻟﻲ‬ Review access
permissions, Logging user
queries on Jump Server
‫ﻟﻘواﻋد‬ ‫اﻟﻧﺎري‬ ‫اﻟﺟدار‬ ‫اﺳﺗﺧدام‬
‫اﻟﺑﯾﺎﻧﺎت‬
‫ﺣرﻛﺎت‬ ‫ﺟﻣﯾﻊ‬ ‫ﺗﺳﺟﯾل‬
‫ﻗواﻋد‬ ‫ﻋﻠﻰ‬ ‫اﻟﻣﺑرﻣﺟﯾن‬
‫اﻟﺑﯾﺎﻧﺎت‬
S3 ‫ﺷﺧص‬ ‫أي‬ ‫ﯾﻣﻠك‬
‫اﻟﻛﺗﺎﺑﺔ‬ ‫ﺻﻼﺣﯾﺔ‬
‫اﻟﻣﺟﻠد‬ ‫ﻋﻠﻰ‬ ‫واﻟﺗﺣﻣﯾل‬
‫ﺑراﻣﺞ‬ ‫ﺑرﻓﻊ‬ ‫اﻟﻣﺟرﻣون‬ ‫ﯾﻘوم‬ ‫ﻗد‬
‫ﻋﻠﻰ‬ ً‫ﺎ‬‫ﻗﺎﻧوﻧ‬ ‫ﻣﺟرﻣﺔ‬ ‫ﻣواد‬ ‫أو‬ ‫ﺧﺑﯾﺛﺔ‬
‫ﺑﺣذف‬ ‫ﯾﻘوﻣوا‬ ‫ﻗد‬ ‫أو‬ ،‫ﻣﺟﻠداﺗك‬
‫ﻣﻠﻔﺎﺗك‬
High AWS Trusted Advisor,
Perform the following
:AWS CLI command
aws s3api
get-bucket-policy --bucket
‫ﻋﻠﻰ‬ ‫اﻟﻧﻔﺎذ‬ ‫ﺻﻼﺣﯾﺎت‬ ‫ﻣراﺟﻌﺔ‬
‫اﻟﻣﺟﻠدات‬ ‫ﻣﺳﺗوى‬
VPC ‫ﻏﯾر‬ ‫ﺷﺑﻛﺔ‬ ‫ﻣﻧﺎﻓذ‬ ‫ﺗوﺟد‬
‫ﻣﻔﺗوﺣﺔ‬ ‫ﻣﻌﯾﺎرﯾﺔ‬
‫ﻟﻠﻌﺎﻣﺔ‬
‫اﻟﮭﺟﻣﺎت‬ ‫ﺑﺗﺳﮭﯾل‬ ‫ذﻟك‬ ‫ﯾﺗﺳﺑب‬ ‫ﻗد‬
‫اﻟﻣﻧﺎﻓذ‬ ‫ﺑﺗﻠك‬ ‫اﻟﻣرﺗﺑطﺔ‬ ‫ﺧدﻣﺎﺗك‬ ‫ﻋﻠﻰ‬
High AWS Trusted Advisor,
Perform the following
:AWS CLI command
.… Aws
‫اﻟﺑﯾﺿﺎء‬ ‫اﻟﻘواﺋم‬ ‫اﺳﺗﺧدام‬
‫اﻟوﺻول‬ ‫ﺣق‬ ‫ﻟﮭﺎ‬ ‫اﻟﺗﻲ‬ ‫ﻟﻠﺟﮭﺎت‬
‫اﻟﻣﻧﺎﻓذ‬ ‫ھذه‬ ‫إﻟﻰ‬

25. 3 ‫اﻟﺳﺣﺎﺑﯾﺔ‬ ‫اﻟﺣوﺳﺑﺔ‬ ‫ﻣﺧﺎطر‬ ‫ﺳﺟل‬ :‫ﻣﺛﺎل‬
‫اﻟﻣﺧﺎطر‬ ‫اﻷﺛر‬ ‫ﻣﻘدار‬
‫اﻟﺗﺄﺛﯾر‬
‫اﻟﻛﺷف‬ ‫طرﯾﻘﺔ‬ ‫اﻟﻌﻼج‬
IAM ‫ﺑﻌض‬ ‫ﯾﺗﻣﺗﻊ‬
‫ﺑﻣﻔﺎﺗﯾﺢ‬ ‫اﻟﻣﺳﺗﺧدﻣﯾن‬
‫ﻻ‬ ‫ﺳرﯾﺔ‬ ‫وأرﻗﺎم‬
‫ﺻﻼﺣﯾﺗﮭﺎ‬ ‫ﺗﻧﺗﮭﻲ‬
‫ﻓك‬ ‫ﺑﮭﺟﻣﺎت‬ ‫اﻟﻘﯾﺎم‬ ‫ﻟﻠﮭﺎﻛرز‬ ‫ﯾﻣﻛن‬
‫ﻣن‬ ‫ﻣﺗﻧﺎه‬ ‫ﻻ‬ ‫ﻟﻌدد‬ ‫اﻟﺳري‬ ‫اﻟرﻣز‬
‫ذﻟك‬ ‫ﻓﻲ‬ ‫اﻟﻧﺟﺎح‬ ‫ﻟﺣﯾن‬ ‫اﻟﻣرات‬
‫ﻋﺎﻟﻲ‬ AWS Trusted Advisor,
Apply SNS notification for
key usage
‫اﻟﻣﻔﺎﺗﯾﺢ‬ ‫ﺗدوي‬ ‫ﺗﻘﻧﯾﺔ‬ ‫اﺳﺗﺧدام‬
SAML ‫اﺳﺗﺧدام‬
IAM ‫داﺋﻣﺔ‬ SSH ‫ﻣﻔﺎﺗﯾﺢ‬ ‫أو‬ ‫ﺳﺎﺑﻘون‬ ‫ﻣوظﻔون‬ ‫ﯾﺗﻣﻛن‬ ‫ﻗد‬
‫دون‬ ‫ﺧوادﻣك‬ ‫إﻟﻰ‬ ‫ﺑﺎﻟﻧﻔﺎذ‬ ‫ﻣﺳﺗﻘﯾﻠون‬
‫ﻣﻌرﻓﺗك‬
‫ﻋﺎﻟﻲ‬ Cron to check all ssh keys
and creation date and ssh
profile logs
‫ﯾﻣﻛﻧﮫ‬ ‫ﺑﺳﯾط‬ ‫ﺑرﻧﺎﻣﺞ‬ ‫اﺳﺗﺧدام‬
‫ﻟﻠﻣوظﻔﯾن‬ ‫اﻟﻣﻔﺎﺗﯾﺢ‬ ‫ﺣذف‬
‫اﻟﻘداﻣﻰ‬

26. ‫ﻟﻠﺗواﺻل‬
‫دﻧدﯾس‬ ‫اﻟدﯾن‬ ‫ﻋﻼء‬
Aladdin Dandis
Email: adtdandis@gmail.com
Website: www.adandis.com (Ready Soon)
Mob: +962 796 403 522 (+Whatsapp)
Linkedin: https://www.linkedin.com/in/dandis/

27. Thank You
Souq.com