AWS Certified Security - Specialty

Video description

Enable security as part of your AWS architecture and prepare your response to security events like a security professional.

About This Video

  • Covers specialized data classifications, data encryption methods, AWS security services, and mechanisms you can use to implement them and secure your production environment
  • Make security operations and business-risk trade-off decisions with regards to cost, security, and deployment complexity when given a set of application requirements
  • Covers domains including Incident Response, Logging and Monitoring, Infrastructure Security, Identity and Access Management, and Data Protection

In Detail

The AWS Certified Security - Specialty certification gives AWS architects not only essential know-how, but also a strong foundation on which to build security into AWS architectures at every level. This course will teach you to apply security at all AWS layers, including encrypting and protecting data at rest and in transit and how to prepare for (and respond to) security events.

In this course, you'll learn how to secure your data and your AWS services/resources at multiple levels using a defense-in-depth approach. You'll learn how to protect your AWS credentials and resources using Identity and Access Management. You'll capture and analyze logs using CloudTrail, CloudWatch, and Athena. Finally, you'll learn how to implement network and instance security, encrypt data at rest and in transit and set up data backup, replication, and recovery.

By the end of this course, you'll be ready to control access to your AWS resources granularly. You will develop the skills to ace the exam for the Security Solutions certification.

If you're a cloud professional wanting to ace the AWS Certified Security - Specialty certification, or a cloud professional looking to build security layers into every AWS deployment to protect data at rest and in transit, then this course will be your go-to resource to achieve success.


This course is for cloud professionals who want to ace the AWS Certified Security – Specialty certification. Cloud professional looking to build security layers into every AWS deployment to protect data at rest and in transit will also benefit from this course. Prior knowledge of security controls for workloads on AWS (and IT security experience in designing and implementing security solutions) is assumed. Familiarity with AWS will be beneficial.

Publisher resources

Download Example Code

Table of contents

  1. Chapter 1 : Course Introduction
    1. The Course Overview
    2. Certification Benefits Recap
    3. Understanding the Shared Responsibility Model
    4. Birds-Eye View of AWS Security
    5. Setting up Your AWS Environment
  2. Chapter 2 : Understanding Infrastructure Security - Part One
    1. Using Key Pairs with EC2 Instances
    2. Understanding Hypervisors and Isolation in EC2 Instances
    3. Get to Know AWS Secrets Manager
    4. Leveraging AWS Systems Manager, Parameter Store, and Run Command Features
  3. Chapter 3 : Understanding Infrastructure Security - Part Two
    1. What Is a VPC?
    2. Enabling Safe Internet Connectivity in VPCs
    3. AWS Marketplace Security Products
  4. Chapter 4 : Leverage AWS Services for Logging and Monitoring - Part One
    1. Enabling Centralized Logging with CloudWatch
    2. Leverage CloudTrail to Track User Activity and API Usage
    3. Using Athena to Query Your Logs
  5. Chapter 5 : Leveraging AWS Services for Logging and Monitoring - Part Two
    1. Automated Security Assessments Using AWS Inspector
    2. Intelligent Threat Detection Using AWS GuardDuty
    3. Benefits of Using Trusted Advisor
  6. Chapter 6 : Deep Dive into AWS Identity and Access Management - Part One
    1. Overview of AWS IAM for User and Group Management
    2. Deep Dive Into AWS IAM Roles and Policies
    3. Using AWS Organizations and Service Control Policies
  7. Chapter 7 : Deep Dive into AWS Identity and Access Management - Part Two
    1. Enabling Active Directory Federation Within AWS
    2. Understanding Cognito and Web Identity Federation
  8. Chapter 8 : Ensuring Data Protection - Part One
    1. Using AWS KMS to Easily Manage Data Encryption
    2. Hands-On KMS
    3. Restrict Access to S3 Buckets Using Policies and Pre-Signed URLs
    4. Enabling Vault Lock in AWS Glacier
  9. Chapter 9 : Ensuring Data Protection - Part Two
    1. Force S3 to Use CloudFront
    2. Getting to Know AWS Certificate Manager
    3. Security Considerations and Features of AWS Load Balancers
  10. Chapter 10 : Managing Incident Response
    1. Overview of a DDoS Attack
    2. Enabling AWS WAF and Shield to Protect Against DDoS Attacks
    3. Configuring Throttling and Caching in API Gateway
    4. Managing Compliance Requirements in AWS Using Artifact and Macie
  11. Chapter 11 : Final Preparation
    1. Booking Your Exam Seat
    2. Exploring Relevant Whitepapers
    3. Uncovering Additional Tips

Product information

  • Title: AWS Certified Security - Specialty
  • Author(s): Bruno Amaro Almeida
  • Release date: January 2020
  • Publisher(s): Packt Publishing
  • ISBN: 9781838550103