AWS Security Essentials

AWS Security Essentials

by Chad Smith
Released February 2024
Publisher(s): Pearson
ISBN: 0135325358

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Secure your AWS cloud environment against cyber threats.

  • Get a deep understanding of AWS security concepts to protect your cloud infrastructure against cyber threats
  • Gain foundational knowledge of security strategies and implementation patterns to navigate the complexities of cloud security
  • Strategize your incident response and threat detection performance through preparation, detection, analysis, containment, and post incident activity

Get the best knowledge to secure your AWS environment. Learn efficient and effective practices for securing your AWS environment—set up encryption and implement mechanisms and advanced monitoring solutions for threat detection. You will stay ahead of threats and ensure protection for your data and application. Best-selling author and trainer Chad Smith will guide you through tools and techniques to secure your AWS resources, while also learning how to proactively detect and mitigate potential vulnerabilities.

This master class contains lessons from:

  • AWS Certified Security Specialty Certification Video (SCS-C02)
  • AWS Certified Cloud Practitioner Complete Video Course (CLF-C01)

Related Learning:

About the Instructor

Chad Smith is a technology professional, author, and trainer focused on cloud infrastructure and management. He is the Principal Cloud Architect at Brightkey.cloud and has a wealth of personal real-world experience in cloud adoption, infrastructure design, operations, and security. Chad holds current AWS certifications in Architecture, SysOps, Security, Networking and Databases, and is also certified in CompTIA Cloud+.

You can follow Chad here:

Skill Level:

  • Intermediate

Course requirement:

  • None

Table of contents

  1. Introduction
    1. AWS Security Essentials: Introduction
  2. Module 1: AWS Security Foundations
    1. Module introduction
  3. Lesson 1: AWS Compliance Introduction
    1. Learning objectives
    2. 1.1 Compliance Information
    3. 1.2 Compliance Strategies
    4. 1.3 Auditing and Reporting
    5. 1.4 Least Privilege Concepts and Strategies
  4. Lesson 2: AWS Identity Management Introduction
    1. Learning objectives
    2. 2.1 User and Identity Management Basics
    3. 2.2 AWS Credentials and MFA
    4. 2.3 AWS Root Account
    5. 2.4 AWS IAM Users and Groups
    6. 2.5 AWS IAM Roles and Policies
  5. Lesson 3: AWS Security Support Introduction
    1. Learning objectives
    2. 3.1 AWS Network Security Capabilities
    3. 3.2 Security Documentation Types
    4. 3.3 AWS Trusted Advisor
  6. Module 2: AWS Authentication and Authorization
    1. Module introduction
  7. Lesson 4: AWS Authentication
    1. Learning objectives
    2. 4.1 Strong Sign-in Mechanisms
    3. 4.2 Temporary Credentials - Account Federation
    4. 4.3 Temporary Credentials - Application Federation
    5. 4.4 Temporary Credentials - Machine Identities
    6. 4.5 Store and Use Secrets Securely
    7. 4.6 Identity Provider Centralization
    8. 4.7 Audit and Rotate Credentials
    9. 4.8 User Groups and Attributes
  8. Lesson 5: AWS Authorization
    1. Learning objectives
    2. 5.1 AWS Policy Types
    3. 5.2 Access Requirements
    4. 5.3 Permission Policy Elements
    5. 5.4 AWS Policy Evaluation Logic
    6. 5.5 Emergency Access Strategies
    7. 5.6 Permissions Reduction Strategies
    8. 5.7 Permissions Guardrails
    9. 5.8 Access Management Lifecycles
    10. 5.9 Cross-Account Access
    11. 5.10 AWS Organizations Sharing
    12. 5.11 Third-party Sharing
  9. Module 3: AWS Infrastructure Security
    1. Module introduction
  10. Lesson 6: AWS Network Security
    1. Learning objectives
    2. 6.1 Edge Security Services
    3. 6.2 Defense in Depth Example
    4. 6.3 VPC Security
    5. 6.4 Network Encryption Options
    6. 6.5 AWS Network Firewall
  11. Lesson 7: AWS Compute Security
    1. Learning objectives
    2. 7.1 EC2 Vulnerability Management
    3. 7.2 Secure Credentials and Secrets
    4. 7.3 Network Connectivity Scenarios
    5. 7.4 Extended Troubleshooting Scenario
  12. Module 4: AWS Data Protection
    1. Module introduction
  13. Lesson 8: AWS In-Transit Data Protection
    1. Learning objectives
    2. 8.1 Three Goals of Data Encryption
    3. 8.2 Network Traffic Encryption Options
    4. 8.3 Cross-region Data Protection
    5. 8.4 AWS Certificate Manager
    6. 8.5 AWS Private Certificate Authority
    7. 8.6 In-transit Encryption Enforcement
  14. Lesson 9: AWS At-Rest Data Protection
    1. Learning objectives
    2. 9.1 Data Integrity Strategies
    3. 9.2 At-rest Encryption Examples
    4. 9.3 Symmetric Data Encryption
    5. 9.4 KMS Features
    6. 9.5 KMS Key Types
    7. 9.6 KMS Access Control
    8. 9.7 Other At-rest Encryption Strategies
    9. 9.8 Data Modification Prevention
  15. Lesson 10: AWS Data Lifecycle and Secret Management
    1. Learning objectives
    2. 10.1 Data Retention Strategies
    3. 10.2 Data Retention Services and Features
    4. 10.3 KMS Asymmetric Keys
    5. 10.4 Credential and Secret Rotation
    6. 10.5 Secrets Manager Access Control
  16. Module 5: AWS Security Logging and Monitoring
    1. Module introduction
  17. Lesson 11: AWS Security Monitoring
    1. Learning objectives
    2. 11.1 CloudWatch Alarms
    3. 11.2 EventBridge Rules
    4. 11.3 Security Alert Automation
    5. 11.4 Troubleshooting Scenario 1
    6. 11.5 Troubleshooting Scenario 2
  18. Lesson 12: AWS Security Logging
    1. Learning objectives
    2. 12.1 AWS Security Log Sources
    3. 12.2 Security Log Delivery, Storage, and Retention
    4. 12.3 Troubleshooting Logging Permissions
    5. 12.4 CloudTrail Troubleshooting Scenario
    6. 12.5 Log Analysis Options
  19. Module 6: AWS Security Governance and Compliance
    1. Module introduction
  20. Lesson 13: AWS Resource Governance
    1. Learning objectives
    2. 13.1 AWS Organizations
    3. 13.2 AWS Control Tower
    4. 13.3 AWS Control Tower Account Factory
    5. 13.4 AWS Resource Groups
    6. 13.5 AWS Organizations Tag Policies
    7. 13.6 AWS Firewall Manager
    8. 13.7 Resource Access Manager
  21. Lesson 14: AWS Security Compliance
    1. Learning objectives
    2. 14.1 AWS Macie
    3. 14.2 AWS Config, CloudWatch Logs, and Security Hub
    4. 14.3 AWS Audit Manager
    5. 14.4 Well-Architected Framework and Tool
    6. 14.5 Cost Analysis and Anomalies
  22. Module 7: Incident Response and Threat Detection
    1. Module introduction
  23. Lesson 15: AWS Incident Response Plan Implementation
    1. Learning objectives
    2. 15.1 Incident Response Plan Workflow
    3. 15.2 Incident Response Preparation
    4. 15.3 Security Service Deployment Part 1
    5. 15.4 Security Service Deployment Part 2
  24. Lesson 16: AWS Security Incident Detection
    1. Learning objectives
    2. 16.1 Incident Response Detection and Analysis
    3. 16.2 Alert Sources
    4. 16.3 Security Alerting Types
    5. 16.4 Incident Response Containment
    6. 16.5 Source, Access, and Destination Containment
    7. 16.6 Incident Response Eradication
    8. 16.7 Incident Response Recovery
    9. 16.8 Incident Response Post-Incident Activity
  25. Summary
    1. AWS Security Essentials: Summary

Product information

  • Title: AWS Security Essentials
  • Author(s): Chad Smith
  • Release date: February 2024
  • Publisher(s): Pearson
  • ISBN: 0135325358