AWS Cloud Security

Video description

More Than 6.5 Hours of Video Instruction

More than 6.5 hours of video instruction to help you learn the skills necessary to implement security in an Amazon Web Services (AWS) Cloud environment.

AWS Cloud Security LiveLessons explores Amazon Web Services (AWS), which offers a scalable cloud computing platform designed for high availability and reliability, providing the tools that allow you to run a wide range of applications. Helping to protect the confidentiality, integrity, and availability (CIA) of your systems and data is of the utmost importance. The AWS infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. It is designed to provide an extremely scalable, highly reliable platform that allows customers to deploy applications and data quickly and securely.

This course first covers the basics and rapid deployment capabilities of AWS to build a knowledge foundation for individuals who are brand new to cloud computing and AWS. You will explore the methods that AWS uses to secure their cloud services. You will learn how you, as an AWS customer, can have the most secure cloud solution possible for a wide variety of implementation scenarios. This course delves into the flexibility and agility needed to implement the most applicable security controls for your business functions in the AWS environment through deploying varying degrees of restrictive access to environments based on data sensitivity.

Through onscreen demos and detailed instruction, seasoned presenter Michael J. Shannon takes you through the key facets of AWS best practices and services in the areas of shared security and compliance; identity and access management; infrastructure security; data protection; and logging and monitoring to ensure that your AWS environment remains secure.

Topics include:

  • AWS Security Fundamentals
  • AWS Shared Security Responsibility Model
  • AWS Compliance Services
  • Understanding Users and Credentials
  • Identity and Access Management (IAM)
  • NACLs and Security Groups
  • AWS WAF and AWS Shield
  • Cryptographic Services
  • Key Management
  • Visibility and Reporting

About the Instructor

Michael J Shannon began his IT career when he transitioned from a recording studio engineer to network technician for a major telecommunications company in the early 90s. He soon began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. Throughout his 30 years in IT, he has worked as an employee, contractor, trainer, and consultant for a number of companies including Platinum Technologies, Fujitsu, IBM, State Farm, Pearson, MindSharp, Thomson/NetG, and Skillsoft, among others. Mr. Shannon has authored several books, training manuals, published articles, and produced dozens of CBT titles through the years as well. For security purposes, he has attained the CISSP, CCNP Security, Palo Alto Networks Certified Network Security Engineer, Security+, and ITIL Intermediate SO and RCV certifications. He resides with his wife in Abilene, Texas.

Skill Level

Intermediate systems/network/application professional

Learn How To

  • Apply security concepts, models, and services in an AWS environment
  • Manage user account credentials and deploy AWS Identity and Access Management (IAM) to manage access to AWS services and resources securely
  • Protect your network through best practices using NACLs and security groups, as well as the security offered by AWS Web Application Firewall (WAF) and AWS Shield
  • Protect your data with IPsec, AWS Certificate Manager, AWS Key Management Services (KMS), AWS CloudHSM, and other key management approaches
  • Ensure that your AWS environment is secure through logging, monitoring, auditing, and reporting services available in AWS

Who Should Take This Course

  • Existing certified cloud practitioners interested in building a strong security foundation to enhance their experience with Amazon EC2, VPC, and many other services
  • Individuals preparing for the AWS Solutions Architect, Developer, and SysOps Administrator Associate certifications
  • Anyone moving into or advancing in the IT and Information Security field

Course Requirements

Requires basic knowledge of cloud networking and network security concepts and technologies.

Lesson descriptions

Lesson 1, AWS Security Fundamentals, covers security fundamentals including understanding the CIA triad; examining types and categories of controls; reviewing core AWS Services; and surveying common threats to AWS services.

Lesson 2, AWS Shared Security Responsibility Model, covers the very important AWS shared security responsibility model. Topics include: understanding the shared security responsibility model; establishing AWS responsibilities, including security of and in the cloud. Finally, this lesson concludes with a look at strategies when planning for security.

Lesson 3, AWS Compliance Services, is all about AWS compliance services. You will learn about the AWS premium support services; understand risk and compliance; and look at a case study of HIPAA security and compliance.

Lesson 4, Understanding Users and Credentials, explores users and credentials as well as the account root user. In addition, you’ll learn to configure user accounts and credentials; learn about password policies; and review Identity and Access Management (IAM) best practices

Lesson 5, Identity and Access Management (IAM), looks deeper at the AWS IAM service. You will first learn the basics of IAM; explore IAM users and groups; IAM roles; managed and custom Policies; and examine IAM Federated Services, the AWS Security Token Service (STS); and wrap up with a look at AWS Cognito.

Lesson 6, NACLs and Security Groups, covers network access control lists (NACLs)and security groups with a focus on understanding security zoning, network segmentation, and best Practices for network security in the cloud.

Lesson 7, AWS WAF and AWS Shield, focuses on having a working knowledge of the mechanics of and working with the AWS Web Application Firewall (WAF) and AWS Shield. The lesson explores distributed denial of service (DDoS) protection and response; the AWS WAF Advanced API; deploying malware protection best practices; and surveying layered defense in the cloud.

Lesson 8, Cryptographic Services, covers the basics of cryptographic services; IPsec fundamentals, IPsec in AWS; and AWS Certificate Manager.

In Lesson 9, Key Management, explores AWS Key Management Services (KMS); how to protect EC2 key pairs; how to use encrypted EBS volumes; how to work with Server-Side Encryption (SSE) in S3; and concludes with a look at AWS CloudHSM Security.

Lesson 10, Logging and Monitoring, covers topics including visibility and reporting; security reporting and logging in AWS; activating Flow Logs and Region-based CloudTrail; AWS Auditing; Pre-Audit Tasks, and concludes with a look at additional security services offered in an AWS environment.

About Pearson Video Training

Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more.

Table of contents

  1. Introduction
    1. AWS Cloud Security: Introduction
  2. Module 1: Amazon Web Services Foundations
    1. Module introduction
  3. Lesson 1: AWS Security Fundamentals
    1. Learning objectives
    2. 1.1 Understanding the CIA Triad
    3. 1.2 Examining Types and Categories of Controls
    4. 1.3 Reviewing Core AWS Services
    5. 1.4 Surveying Common Threats to AWS Services
  4. Lesson 2: AWS Shared Security Responsibility Model
    1. Learning objectives
    2. 2.1 Understanding the Shared Security Responsibility Model
    3. 2.2 Establishing AWS Responsibilities: Security of the Cloud
    4. 2.3 Establishing Customer Responsibilities: Security in the Cloud
    5. 2.4 Surveying Strategies When Planning for Security
  5. Lesson 3: AWS Compliance Services
    1. Learning objectives
    2. 3.1 Understanding AWS Premium Support Services
    3. 3.2 Understanding Risk and Compliance
    4. 3.3 Case Study: HIPAA Security and Compliance (and GDPR)
  6. Module 2: Identity and Access Management
    1. Module introduction
  7. Lesson 4: Understanding Users and Credentials
    1. Learning objectives
    2. 4.1 Examining the Account Root User
    3. 4.2 Exploring User Accounts and Credentials
    4. 4.3 Exploring Password Policies
    5. 4.4 Deploying Identity and Access Management Best Practices
  8. Lesson 5: Identity and Access Management (IAM)
    1. Learning objectives
    2. 5.1 Understanding IAM
    3. 5.2 Exploring IAM Users and Groups
    4. 5.3 Exploring IAM Roles
    5. 5.4 Exploring IAM Managed Policies
    6. 5.5 Exploring IAM Custom Policies
    7. 5.6 Exploring IAM Federated Services
    8. 5.7 Understanding AWS Security Token Service (STS)
    9. 5.8 Understanding AWS Cognito
  9. Module 3: Infrastructure Security
    1. Module introduction
  10. Lesson 6: NACLs and Security Groups
    1. Learning objectives
    2. 6.1 Understanding Security Zoning and Network Segmentation
    3. 6.2 Deploying Best Practices for Network Security in the Cloud
    4. 6.3 Comparing Security Groups to Network ACLs
    5. 6.4 Working with Network ACLs
    6. 6.5 Surveying Recommended NACL Scenarios
    7. 6.6 Understanding Security Groups
    8. 6.7 Working with Security Groups
    9. 6.8 Understanding Security Groups for Windows Instances
  11. Lesson 7: AWS WAF and AWS Shield
    1. Learning objectives
    2. 7.1 Understanding Web Application Firewall (WAF)
    3. 7.2 Working with WAF
    4. 7.3 Exploring DDoS Protection and Response
    5. 7.4 Exploring AWS WAF Advanced API
    6. 7.5 Understanding AWS Shield
    7. 7.6 Working with AWS Shield
    8. 7.7 Deploying Malware Protection Best Practices
    9. 7.8 Surveying Layered Defense in the Cloud
  12. Module 4: Data Protection
    1. Module introduction
  13. Lesson 8: Cryptographic Services
    1. Learning objectives
    2. 8.1 Understanding Cryptography Basics
    3. 8.2 Understanding IPsec Fundamentals
    4. 8.3 Examining IPsec in AWS
    5. 8.4 Exploring AWS Certificate Manager
  14. Lesson 9: Key Management
    1. Learning objectives
    2. 9.1 Understanding AWS Key Management Services (KMS)
    3. 9.2 Working with AWS KMS
    4. 9.3 Protecting EC2 Key Pairs
    5. 9.4 Using Encrypted EBS Volumes
    6. 9.5 Examining Server Side Encryption (SSE) in S3
    7. 9.6 Exploring AWS CloudHSM Security
  15. Module 5: Logging and Monitoring
    1. Module introduction
  16. Lesson 10: Visibility and Reporting
    1. Learning objectives
    2. 10.1 Understanding Security Reporting and Logging in AWS
    3. 10.2 Activating FlowLogs and Region-based CloudTrail
    4. 10.3 Understanding AWS Auditing
    5. 10.4 Exploring Pre-Audit Tasks
    6. 10.5 Surveying Additional Security Services
  17. Summary
    1. AWS Cloud Security: Summary

Product information

  • Title: AWS Cloud Security
  • Author(s): Michael Shannon
  • Release date: August 2018
  • Publisher(s): Pearson
  • ISBN: 0135174783