AWS Certified Security - Specialty

Video description

6 Hours of Video Instruction


Six hours of video instruction for AWS security professionals. The AWS Certified Security – Specialty Complete Video Course has been tailored for the security professional seeking to take and pass the certification exam. It provides directed study of the exam topics using detailed explanations of the 5 questions domains with examples, diagrams, and case studies along with sample exam questions with extensive explanations as to their solutions.


AWS Certifications are among the most sought-after in the Technology sector, and the certification exams cover a wide range of services, technologies, and implementation patterns. The Security – Specialty certification is not an entry-level exam and the questions reflect the difficulty required to fully test the holistic knowledge of AWS security professionals. The AWS Certified Security – Specialty Complete Video Course targets the certification exam and provides directed study of the exam topics by targeting the exam logistics and providing detailed demonstrations, examples, and case studies pertaining to all 5 of the question domains. In addition to each domain, a sample exam question is provided at the end of each lesson along with a logical walk-through of how to solve it.

Chad Smith has made an extensive career of AWS and cloud security, and is uniquely qualified as an AWS architect and experienced system administrator to impart his knowledge of the AWS Certified Security – Specialty exam.

Topics include:
Module 1 AWS Certified Security – Specialty Basics
Module 2 Incident Response
Module 3 Logging and Monitoring
Module 4 Infrastructure Security
Module 5 Identity and Access Management
Module 6 Data Protection
Module 7 Next Steps

About the Instructor

Chad Smith is the Principal Cloud Architect at He is a certified architect for both Amazon Web Services and Google Cloud Platform. He brings a wealth of relevant experience in cloud adoption, infrastructure design, data security and cloud operations. Chad holds current AWS certifications in Architecture (Associate and Professional), SysOps and Security.

Skill Level

Learn How To

  • Interpret the every-day skills you have in AWS security, and apply them to the 5 domains of the exam
  • Apply tried-and-true study techniques specific to the AWS Certified Security – Specialty exam
  • Use case studies to determine the correct security responses for various incidents involving broken monitoring situations, automated log management, and complex implementation scenarios
  • Use several IAM policy examples, and troubleshoot a series of broken permissions examples
  • Enable server-side encryption for CloudWatch logs
  • Implement end-to-end encryption for an application infrastructure

Who Should Take This Course

  • AWS security professionals seeking to advance their career, and prove their knowledge and experience, by adding the AWS Certified Security – Specialty certification to their CV.

Course Requirements

  • Basic knowledge of AWS security concepts
  • Basic knowledge of general security concepts

Table of Contents
Module 1 AWS Certified Security – Specialty Basics
Lesson 1 AWS Certified Security – Specialty Basics
Module 2 Incident Response
Lesson 2 Incident Response
Module 3 Logging and Monitoring
Lesson 3 Security Monitoring
Lesson 4 Logging Solutions
Module 4 Infrastructure Security
Infrastructure Security Part 1
Infrastructure Security Part 2
Module 5 Identity and Access Management
Lesson 7 Permission and Roles
Lesson 8 Federation and Resource-based Access Control
Module 6 Data Protection
Lesson 9 Key Management
Lesson 10 Data Encryption At-rest and in Transit
Module 7 Next Steps
Lesson 11 Next Steps

Module descriptions

Module 1 consists of a single lesson, which introduces the Security – Specialty certification. It will detail the prerequisites and skills required to be a successful candidate for certification.

Module 2 is the first discussion of the official exam content and will be a single lesson. It will cover the first of the five question domains, called Incident Response.

Module 3 consists of two lessons, collectively covering the second exam question domain called “Logging and Monitoring.” This broad topic will be split into Lesson 3, Security Monitoring, and Lesson 4, Logging Solutions.

Module 4, has two lessons covering the third exam question domain, “Infrastructure Security.” Lesson 5 explains securing AWS from global and regional perspectives, and Lesson 6 goes through host-based security and troubleshooting issues.

Module 5 has two lessons to cover the fourth exam question domain, called “Identity and Access Management.” Lesson 7 will detail the mechanisms for permissions and roles. In Lesson 8, we’ll discuss federation and resource-based access control.

Module 6 is made up of two lessons, covering the fifth and final exam question domain, “Data Protection.” Lesson 9 is all about key management for encryption and authentication, and in Lesson 10 data encryption methods are discussed, both at-rest and in-transit.

Module 7covers next steps toward certification. The single lesson in this module, Lesson 11, is full of resources and strategies for passing the exam.

About Pearson Video Training

Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at

Table of contents

  1. Introduction
    1. AWS Certified Security - Specialty: Introduction
  2. Module 1: AWS Certified Security - Specialty Basics
    1. Module introduction
  3. Lesson 1: AWS Certified Security - Specialty Basics
    1. Learning objectives
    2. 1.1 Introduction to Security
    3. 1.2 Exam Details
    4. 1.3 Course Scope Details
    5. 1.4 Certification Candidate Skills
  4. Module 2: Incident Response
    1. Module introduction
  5. Lesson 2: Incident Response
    1. Learning objectives
    2. 2.1 Abuse Notice Strategies
    3. 2.2 Incident Response Basics
    4. 2.3 IR Preparation
    5. 2.4 IR Detection and Analysis
    6. 2.5 IR Containment Eradication and Recovery
    7. 2.6 IR Post-Incident Activity
    8. 2.7 Case Study: Compromised EC2
    9. 2.8 Question Breakdown
  6. Module 3: Logging and Monitoring
    1. Module introduction
  7. Lesson 3: Security Monitoring
    1. Learning objectives
    2. 3.1 Infrastructure Security Monitoring
    3. 3.2 Application Security Monitoring
    4. 3.3 Account Security Monitoring
    5. 3.4 Troubleshooting Security Monitoring
    6. 3.5 Case Study: Broken Monitoring
    7. 3.6 Question Breakdown
  8. Lesson 4: Logging Solutions
    1. Learning objectives
    2. 4.1 Access Logs
    3. 4.2 Execution Logs
    4. 4.3 Security Logs
    5. 4.4 Log Processing
    6. 4.5 Case Study: Automated Log Management
    7. 4.6 Question Breakdown
  9. Module 4: Infrastructure Security
    1. Module introduction
  10. Lesson 5: Infrastructure Security Part 1
    1. Learning objectives
    2. 5.1 Edge Security
    3. 5.2 VPC Network Security
    4. 5.3 VPC Egress Security
    5. 5.4 Multiple VPC Strategies
    6. 5.5 Case Study: Multi-scope Infrastructure Design
    7. 5.6 Question Breakdown
  11. Lesson 6: Infrastructure Security Part 2
    1. Learning objectives
    2. 6.1 Network Troubleshooting
    3. 6.2 Host-Based Security
    4. 6.3 Case Study: The Golden AMI Pipeline
    5. 6.4 Question Breakdown
  12. Module 5: Identity and Access Management
    1. Module introduction
  13. Lesson 7: Permissions and Roles
    1. Learning objectives
    2. 7.1 AWS Credentials
    3. 7.2 IAM Policy Details
    4. 7.3 IAM Policy Conditions
    5. 7.4 Policy Evaluation Logic
    6. 7.5 Assuming IAM Roles
    7. 7.6 Case Study: IAM Policy Examples
    8. 7.7 Question Breakdown
  14. Lesson 8: Federation and Resource-based Access Control
    1. Learning objectives
    2. 8.1 SAML Federation
    3. 8.2 Cognito User Pool Federation
    4. 8.3 Cognito Identity Pool Federation
    5. 8.4 AWS SSO Federation
    6. 8.5 AWS Organizations
    7. 8.6 S3 Access Control
    8. 8.7 API Gateway and Lambda Access Control
    9. 8.8 Troubleshooting Permissions
    10. 8.9 Case Study: Broken Permission Examples
    11. 8.10 Question Breakdown
  15. Module 6: Data Protection
    1. Module introduction
  16. Lesson 9: Key Management
    1. Learning objectives
    2. 9.1 Symmetric Data Encryption
    3. 9.2 AWS KMS Basics
    4. 9.3 AWS KMS Access Control
    5. 9.4 AWS CloudHSM
    6. 9.5 AWS Certificate Manager
    7. 9.6 Using Keys for Authentication
    8. 9.7 Troubleshooting Key Management
    9. 9.8 Case Study: CloudWatch Logs Encryption
    10. 9.9 Question Breakdown
  17. Lesson 10: Data Encryption At-rest and In Transit
    1. Learning objectives
    2. 10.1 Data Encryption At-rest by Default
    3. 10.2 Data Encryption At-rest as Option
    4. 10.3 Data Encryption At-rest Operations
    5. 10.4 Data Encryption In Transit - Web
    6. 10.5 Data Encryption In Transit - Storage
    7. 10.6 Data Encryption In Transit - Network
    8. 10.7 Case Study: End-to-End Encryption
    9. 10.8 Question Breakdown
  18. Module 7: Next Steps
    1. Module introduction
  19. Lesson 11: Next Steps
    1. Learning objectives
    2. 11.1 Study Strategies
    3. 11.2 Study Resources
  20. Summary
    1. AWS Certified Security - Specialty: Summary

Product information

  • Title: AWS Certified Security - Specialty
  • Author(s): Chad Smith
  • Release date: June 2019
  • Publisher(s): Pearson
  • ISBN: 0135771994