O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

AWS Certified Security - Specialty

Video Description

6 Hours of Video Instruction

Description

Six hours of video instruction for AWS security professionals. The AWS Certified Security – Specialty Complete Video Course has been tailored for the security professional seeking to take and pass the certification exam. It provides directed study of the exam topics using detailed explanations of the 5 questions domains with examples, diagrams, and case studies along with sample exam questions with extensive explanations as to their solutions.

Overview

AWS Certifications are among the most sought-after in the Technology sector, and the certification exams cover a wide range of services, technologies, and implementation patterns. The Security – Specialty certification is not an entry-level exam and the questions reflect the difficulty required to fully test the holistic knowledge of AWS security professionals. The AWS Certified Security – Specialty Complete Video Course targets the certification exam and provides directed study of the exam topics by targeting the exam logistics and providing detailed demonstrations, examples, and case studies pertaining to all 5 of the question domains. In addition to each domain, a sample exam question is provided at the end of each lesson along with a logical walk-through of how to solve it.

Chad Smith has made an extensive career of AWS and cloud security, and is uniquely qualified as an AWS architect and experienced system administrator to impart his knowledge of the AWS Certified Security – Specialty exam.

Topics include:
Module 1 AWS Certified Security – Specialty Basics
Module 2 Incident Response
Module 3 Logging and Monitoring
Module 4 Infrastructure Security
Module 5 Identity and Access Management
Module 6 Data Protection
Module 7 Next Steps

About the Instructor

Chad Smith is the Principal Cloud Architect at Brightkey.cloud. He is a certified architect for both Amazon Web Services and Google Cloud Platform. He brings a wealth of relevant experience in cloud adoption, infrastructure design, data security and cloud operations. Chad holds current AWS certifications in Architecture (Associate and Professional), SysOps and Security.

Skill Level
Intermediate/Advanced

Learn How To

  • Interpret the every-day skills you have in AWS security, and apply them to the 5 domains of the exam
  • Apply tried-and-true study techniques specific to the AWS Certified Security – Specialty exam
  • Use case studies to determine the correct security responses for various incidents involving broken monitoring situations, automated log management, and complex implementation scenarios
  • Use several IAM policy examples, and troubleshoot a series of broken permissions examples
  • Enable server-side encryption for CloudWatch logs
  • Implement end-to-end encryption for an application infrastructure

Who Should Take This Course

  • AWS security professionals seeking to advance their career, and prove their knowledge and experience, by adding the AWS Certified Security – Specialty certification to their CV.

Course Requirements

  • Basic knowledge of AWS security concepts
  • Basic knowledge of general security concepts

Table of Contents
Module 1 AWS Certified Security – Specialty Basics
Lesson 1 AWS Certified Security – Specialty Basics
Module 2 Incident Response
Lesson 2 Incident Response
Module 3 Logging and Monitoring
Lesson 3 Security Monitoring
Lesson 4 Logging Solutions
Module 4 Infrastructure Security
Infrastructure Security Part 1
Infrastructure Security Part 2
Module 5 Identity and Access Management
Lesson 7 Permission and Roles
Lesson 8 Federation and Resource-based Access Control
Module 6 Data Protection
Lesson 9 Key Management
Lesson 10 Data Encryption At-rest and in Transit
Module 7 Next Steps
Lesson 11 Next Steps

Module descriptions

Module 1 consists of a single lesson, which introduces the Security – Specialty certification. It will detail the prerequisites and skills required to be a successful candidate for certification.

Module 2 is the first discussion of the official exam content and will be a single lesson. It will cover the first of the five question domains, called Incident Response.

Module 3 consists of two lessons, collectively covering the second exam question domain called “Logging and Monitoring.” This broad topic will be split into Lesson 3, Security Monitoring, and Lesson 4, Logging Solutions.

Module 4, has two lessons covering the third exam question domain, “Infrastructure Security.” Lesson 5 explains securing AWS from global and regional perspectives, and Lesson 6 goes through host-based security and troubleshooting issues.

Module 5 has two lessons to cover the fourth exam question domain, called “Identity and Access Management.” Lesson 7 will detail the mechanisms for permissions and roles. In Lesson 8, we’ll discuss federation and resource-based access control.

Module 6 is made up of two lessons, covering the fifth and final exam question domain, “Data Protection.” Lesson 9 is all about key management for encryption and authentication, and in Lesson 10 data encryption methods are discussed, both at-rest and in-transit.

Module 7covers next steps toward certification. The single lesson in this module, Lesson 11, is full of resources and strategies for passing the exam.

About Pearson Video Training

Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.

Table of Contents

  1. Introduction
    1. AWS Certified Security - Specialty: Introduction 00:02:46
  2. Module 1: AWS Certified Security - Specialty Basics
    1. Module introduction 00:00:23
  3. Lesson 1: AWS Certified Security - Specialty Basics
    1. Learning objectives 00:00:31
    2. 1.1 Introduction to Security 00:01:41
    3. 1.2 Exam Details 00:05:34
    4. 1.3 Course Scope Details 00:02:18
    5. 1.4 Certification Candidate Skills 00:05:56
  4. Module 2: Incident Response
    1. Module introduction 00:00:21
  5. Lesson 2: Incident Response
    1. Learning objectives 00:00:39
    2. 2.1 Abuse Notice Strategies 00:02:36
    3. 2.2 Incident Response Basics 00:01:34
    4. 2.3 IR Preparation 00:07:09
    5. 2.4 IR Detection and Analysis 00:05:05
    6. 2.5 IR Containment Eradication and Recovery 00:04:44
    7. 2.6 IR Post-Incident Activity 00:01:56
    8. 2.7 Case Study: Compromised EC2 00:08:21
    9. 2.8 Question Breakdown 00:03:48
  6. Module 3: Logging and Monitoring
    1. Module introduction 00:00:25
  7. Lesson 3: Security Monitoring
    1. Learning objectives 00:00:35
    2. 3.1 Infrastructure Security Monitoring 00:05:56
    3. 3.2 Application Security Monitoring 00:02:53
    4. 3.3 Account Security Monitoring 00:02:39
    5. 3.4 Troubleshooting Security Monitoring 00:03:00
    6. 3.5 Case Study: Broken Monitoring 00:07:17
    7. 3.6 Question Breakdown 00:04:48
  8. Lesson 4: Logging Solutions
    1. Learning objectives 00:00:36
    2. 4.1 Access Logs 00:02:45
    3. 4.2 Execution Logs 00:01:24
    4. 4.3 Security Logs 00:02:17
    5. 4.4 Log Processing 00:04:14
    6. 4.5 Case Study: Automated Log Management 00:05:38
    7. 4.6 Question Breakdown 00:03:09
  9. Module 4: Infrastructure Security
    1. Module introduction 00:00:30
  10. Lesson 5: Infrastructure Security Part 1
    1. Learning objectives 00:00:37
    2. 5.1 Edge Security 00:02:39
    3. 5.2 VPC Network Security 00:04:20
    4. 5.3 VPC Egress Security 00:07:15
    5. 5.4 Multiple VPC Strategies 00:06:15
    6. 5.5 Case Study: Multi-scope Infrastructure Design 00:08:26
    7. 5.6 Question Breakdown 00:04:56
  11. Lesson 6: Infrastructure Security Part 2
    1. Learning objectives 00:00:24
    2. 6.1 Network Troubleshooting 00:09:11
    3. 6.2 Host-Based Security 00:07:46
    4. 6.3 Case Study: The Golden AMI Pipeline 00:08:01
    5. 6.4 Question Breakdown 00:03:38
  12. Module 5: Identity and Access Management
    1. Module introduction 00:00:32
  13. Lesson 7: Permissions and Roles
    1. Learning objectives 00:00:31
    2. 7.1 AWS Credentials 00:07:52
    3. 7.2 IAM Policy Details 00:07:25
    4. 7.3 IAM Policy Conditions 00:09:40
    5. 7.4 Policy Evaluation Logic 00:05:02
    6. 7.5 Assuming IAM Roles 00:06:09
    7. 7.6 Case Study: IAM Policy Examples 00:09:27
    8. 7.7 Question Breakdown 00:03:28
  14. Lesson 8: Federation and Resource-based Access Control
    1. Learning objectives 00:00:33
    2. 8.1 SAML Federation 00:02:17
    3. 8.2 Cognito User Pool Federation 00:02:38
    4. 8.3 Cognito Identity Pool Federation 00:02:46
    5. 8.4 AWS SSO Federation 00:02:55
    6. 8.5 AWS Organizations 00:03:10
    7. 8.6 S3 Access Control 00:08:17
    8. 8.7 API Gateway and Lambda Access Control 00:04:25
    9. 8.8 Troubleshooting Permissions 00:05:11
    10. 8.9 Case Study: Broken Permission Examples 00:06:03
    11. 8.10 Question Breakdown 00:02:54
  15. Module 6: Data Protection
    1. Module introduction 00:00:31
  16. Lesson 9: Key Management
    1. Learning objectives 00:00:32
    2. 9.1 Symmetric Data Encryption 00:08:37
    3. 9.2 AWS KMS Basics 00:07:32
    4. 9.3 AWS KMS Access Control 00:10:27
    5. 9.4 AWS CloudHSM 00:05:10
    6. 9.5 AWS Certificate Manager 00:03:13
    7. 9.6 Using Keys for Authentication 00:03:54
    8. 9.7 Troubleshooting Key Management 00:03:51
    9. 9.8 Case Study: CloudWatch Logs Encryption 00:06:28
    10. 9.9 Question Breakdown 00:04:13
  17. Lesson 10: Data Encryption At-rest and In Transit
    1. Learning objectives 00:00:39
    2. 10.1 Data Encryption At-rest by Default 00:03:04
    3. 10.2 Data Encryption At-rest as Option 00:03:43
    4. 10.3 Data Encryption At-rest Operations 00:02:47
    5. 10.4 Data Encryption In Transit - Web 00:01:49
    6. 10.5 Data Encryption In Transit - Storage 00:01:26
    7. 10.6 Data Encryption In Transit - Network 00:02:43
    8. 10.7 Case Study: End-to-End Encryption 00:08:14
    9. 10.8 Question Breakdown 00:04:00
  18. Module 7: Next Steps
    1. Module introduction 00:00:21
  19. Lesson 11: Next Steps
    1. Learning objectives 00:00:18
    2. 11.1 Study Strategies 00:03:41
    3. 11.2 Study Resources 00:10:58
  20. Summary
    1. AWS Certified Security - Specialty: Summary 00:01:03