Aws Certified Security Specialty 2023 [New]

Last updated 7/2023
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 18.55 GB | Duration: 34h 7m

All-In-One Course to CLEAR the AWS Certified Security Specialty certification (SCS-C02)

What you'll learn
PASS the AWS Certified Security Specialty certification (SCS-C02)
ALL 1000+ Slides available to download.
Gain DEEP insights about Enterprise grade Security implementation.
DETECT attacks and PROTECT the AWS infrastructure from Hackers.

Requirements
Basics of AWS
AWS Solutions Architect Associate or Equivalent Knowledge

Description
AWS Certified Security - Specialty certification is one of the widely recognized security certifications across the industry. With the number of security breaches increasing every year, there is a huge demand for individuals who understands the security side of things, specifically Cloud-based Infrastructures.This course is specially designed for the aspirants who intend to give the AWS Certified Security Specialty 2023 certification as well for those who want to master the security side of AWS.Throughout the course, we explore various Real World scenarios and look into why do website gets hacked, what could have been done to prevent it, and learn the best practices related to Security for your AWS environment.Since this is a Specialty level certification, it is very important that the candidate has a prior hands-on experience in AWS, and this also acts as a pre-requisite to this certification. We do start our journey into the security side of things from scratch.With tons of quizzes in order to prepare you for exams, Real-world scenarios, and great Support from our Instructor in-case of doubts, this course is all you need to master the Security side of AWS and gain the certification.I look forward to seeing you join us in this exciting journey on AWS Security.

Overview
Section 1: Getting started with the course

Lecture 1 Introduction to the Course

Lecture 2 Insights into AWS Security Specialty Exam Blueprint

Lecture 3 Document - Exam Blueprint PDF

Lecture 4 Important Course Resources

Lecture 5 PPT-Notes for Course

Lecture 6 Our Community

Section 2: Domain 1 - Threat Detection and Incident Response

Lecture 7 Case Study of Hacked Server

Lecture 8 AWS Abuse Reports

Lecture 9 Overview of Amazon GuardDuty

Lecture 10 Amazon GuardDuty Practical

Lecture 11 Malware Scan in Amazon GuardDuty

Lecture 12 Malware Scanning Practical

Lecture 13 Whitelisting Alerts in AWS GuardDuty

Lecture 14 Document - GuardDuty Alert Lists

Lecture 15 Centralized Dashboards for GuardDuty Findings

Lecture 16 Incident Response

Lecture 17 Scenario - Exposed IAM Access/Secret Keys in GitHub

Lecture 18 Document - Deny Based IAM Policy

Lecture 19 Use Case - Dealing with Exposed Access Keys - NEW

Lecture 20 Document - Reference Data

Lecture 21 Use Case - Dealing with compromised EC2 Instances

Lecture 22 Amazon Detective

Lecture 23 Incident Response in Cloud

Lecture 24 Penetration Testing in AWS (New)

Section 3: Domain 2 -Security Logging and Monitoring

Lecture 25 Introduction to Vulnerability, Exploit, Payload

Lecture 26 VEP Practical - Hacking inside a test farm

Lecture 27 Overview of Amazon Inspector

Lecture 28 AWS Inspector Vulnerability Scans

Lecture 29 Common Vulnerabilities Exposures & CVSS - NEW

Lecture 30 AWS Security Hub

Lecture 31 Overview of Layer 7 Firewalls

Lecture 32 Understanding AWS WAF

Lecture 33 Deploying AWS WAF

Lecture 34 Overview of AWS Systems Manager

Lecture 35 Configure SSM Agent

Lecture 36 Overview of Sessions Manager

Lecture 37 SSM - Run Command

Lecture 38 Overview of Patch Manager

Lecture 39 Parameter Store

Lecture 40 Systems Manager Automation

Lecture 41 Systems Manager Inventory

Lecture 42 Creating our First Inventory in SSM

Lecture 43 Overview of Unified CloudWatch Agent

Lecture 44 Unified CloudWatch Agent - Practical

Lecture 45 Document - Unified CloudWatch Agent

Lecture 46 CloudWatch Logs Insights

Lecture 47 CloudWatch Metric Filters

Lecture 48 CloudWatch Subscription Filters

Lecture 49 Amazon EventBridge

Lecture 50 Amazon Athena

Lecture 51 Revising AWS Config

Lecture 52 Revising AWS Config - Practical

Lecture 53 AWS Config Aggregator

Lecture 54 Configuring Config Aggregator

Lecture 55 Remediating Non-Compliant Config Rules with SSM Automation

Lecture 56 Remediating Non-Compliant Config Rules with SSM Automation - Practical

Lecture 57 Understanding CloudTrail

Lecture 58 Creating First CloudTrail Trail

Lecture 59 CloudTrail Event Types

Lecture 60 CloudTrail - Log File Integrity Validation

Lecture 61 Document - S3 Log File Validation

Lecture 62 Digest Delivery Times

Lecture 63 Overview of Amazon Macie

Lecture 64 Detecting Sensitive Files with Macie

Lecture 65 S3 Event Notification

Lecture 66 Revising VPC Flow Logs

Lecture 67 VPC Flow Logs In-Detail

Lecture 68 Centralized Logging Architecture

Lecture 69 Cross-Account Logging for CloudTrail

Lecture 70 Document - Centralized Logging Policy

Lecture 71 Considerations - S3 Bucket Policy for Cross Account CloudTrail

Lecture 72 Document - Conditional S3 Bucket Policy for CloudTrail

Lecture 73 AWS SNS

Lecture 74 Streaming Data & Amazon Kinesis

Lecture 75 Amazon Kinesis Service Offerings

Lecture 76 Amazon CodeGuru

Section 4: Domain 3 - Infrastructure Security

Lecture 77 VPC Reachability Analyzer

Lecture 78 Network Access Analyzer

Lecture 79 VPC Traffic Mirroring

Lecture 80 VPC Traffic Mirroring Practicals

Lecture 81 Bastion Hosts & SSH Agent Forwarding

Lecture 82 Document - Commands for SSH Agent Forwarding

Lecture 83 Introduction to Virtual Private Networks

Lecture 84 Understanding AWS Client VPN Endpoints

Lecture 85 Creating Client VPN Endpoints

Lecture 86 Document - Commands to Setup ClientVPN Endpoint

Lecture 87 Overview of AWS VPN Tunnels

Lecture 88 VPC Peering

Lecture 89 Overview of VPC Endpoints

Lecture 90 Implementing Gateway VPC Endpoints

Lecture 91 VPC Endpoint Policies

Lecture 92 Overview of Interface VPC Endpoints

Lecture 93 Implementing Interface Endpoints

Lecture 94 Overview of VPC Endpoint Services

Lecture 95 Overview of Transit Gateways

Lecture 96 Base Transit Gateway Concepts

Lecture 97 Transit Gateway Practical

Lecture 98 Understanding Direct Connect

Lecture 99 MAC Security

Lecture 100 Network ACLs

Lecture 101 NACL - Rule Ordering

Lecture 102 Understanding Stateful vs Stateless Firewalls

Lecture 103 IDS / IPS in AWS

Lecture 104 Understanding the Content Delivery Networks

Lecture 105 Demo - CloudFront Distribution

Lecture 106 Understanding Edge Locations

Lecture 107 Deploying CloudFront Distribution

Lecture 108 Overview of Origin Access Identity

Lecture 109 Implementing OAC in CloudFront

Lecture 110 Document - S3 Policy for OAC

Lecture 111 Overview of CloudFront Signed URLs

Lecture 112 Implementing CloudFront Signed URLs

Lecture 113 Field Level Encryption in CloudFront

Lecture 114 Real World example on DOS Implementation

Lecture 115 AWS Shield

Lecture 116 Mitigating DDOS Attacks

Lecture 117 Document - DDoS References

Lecture 118 Revising the Basics of API

Lecture 119 Introduction to API Gateway

Lecture 120 REST APIs vs HTTP APIs

Lecture 121 Creating HTTP API

Lecture 122 Creating REST APIs

Lecture 123 API Keys and Usage Plans

Lecture 124 Lambda & S3

Lecture 125 EC2 Key-Pair Troubleshooting

Lecture 126 EC2 Tenancy Attribute

Lecture 127 AWS Artifact

Lecture 128 Lambda@Edge

Lecture 129 Lambda@Edge Demo

Lecture 130 DNS Attributes in VPC

Lecture 131 DNS Query Logging

Lecture 132 Implementing Route53 Query Logging

Lecture 133 Overview of Network Firewall

Lecture 134 Important Note - Billing

Lecture 135 Deploying Network Firewall

Lecture 136 Elastic Network Interface

Lecture 137 Bring Your Own IP

Lecture 138 AWS SES

Lecture 139 Sending Email through SES

Lecture 140 Types of SES Credentials

Lecture 141 SES SMTP Endpoint

Lecture 142 Overview of EC2 Image Builder

Lecture 143 Building Image Pipeline with EC2 Image Builder

Section 5: Domain 4 - Identity and Access Management

Lecture 144 Overview of AWS Organizations

Lecture 145 Creating our first AWS Organization & SCP

Lecture 146 Organizational Unit (OU) in AWS organization

Lecture 147 Strategies for using SCPs

Lecture 148 Switching from Deny List to Allow List SCPs

Lecture 149 Document - SCP AllowList Policy

Lecture 150 IAM Policy Evaluation Logic

Lecture 151 Identity and Resource Based Policies

Lecture 152 Understanding IAM Policies

Lecture 153 IAM Policies - Part 02

Lecture 154 Identity Account Architecture

Lecture 155 Creating Cross-Account IAM Roles

Lecture 156 Cross Account IAM Policy Document

Lecture 157 External ID in Delegation

Lecture 158 EC2 Instance Meta-Data

Lecture 159 Revising IAM Role

Lecture 160 Understanding working of an IAM role

Lecture 161 IPTABLES & Instance Meta-Data

Lecture 162 Document - Commands

Lecture 163 IAM - Version Element

Lecture 164 IAM Policy Variables

Lecture 165 Document - IAM Policy Variable

Lecture 166 Principal and NotPrincipal Element

Lecture 167 Document - Resource Policy for Principal Element

Lecture 168 Implementing NotPrincipal Element

Lecture 169 Document - NotPrincipal S3 Bucket Policy

Lecture 170 Conditionl Element

Lecture 171 Document - Condition Policy Examples

Lecture 172 AWS Security Token Service

Lecture 173 Federation

Lecture 174 Understanding SAML for SSO

Lecture 175 Understanding Active Directory

Lecture 176 Introduction to AWS Directory Service

Lecture 177 Trusts in Active Directory

Lecture 178 Overview of IAM Identity Center

Lecture 179 IAM Identity Center Concepts

Lecture 180 IAM Identity Center Practicals

Lecture 181 Amazon Cognito

Lecture 182 S3 Bucket Policies

Lecture 183 Bucket Policy Document

Lecture 184 Regaining Access to Locked S3 Bucket

Lecture 185 Bucket Policy Document - Deny Statements

Lecture 186 Cross Account S3 Bucket Configuration

Lecture 187 Document - Cross Account S3 Bucket Policy.

Lecture 188 Canned ACLs

Lecture 189 Document - Canned ACLs Commands

Lecture 190 Understanding Presigned URLs

Lecture 191 S3 Versioning

Lecture 192 S3 Batch Operations

Lecture 193 S3 - Cross Region Replication

Lecture 194 S3 Object Lock

Lecture 195 S3 Inventory

Lecture 196 S3 Inventory Practical

Lecture 197 S3 - Server Access Logging

Lecture 198 Server Access Logging Practical

Lecture 199 S3 - Cross Account Replication

Lecture 200 Cross Account Replication Practical

Lecture 201 Document - Bucket Policy for Cross Account Replication

Lecture 202 MFA Protected API Access

Lecture 203 Document - MFA CLI Commands

Lecture 204 IAM Permission Boundaries

Lecture 205 IAM and S3

Lecture 206 Document - IAM Policies

Lecture 207 Troubleshooting IAM Policies

Lecture 208 Document - Troubleshooting Policies

Lecture 209 Troubleshooting Answers - Solution 01

Lecture 210 Troubleshooting Answers - Solution 02

Lecture 211 Troubleshooting Answers - Solution 03

Lecture 212 Troubleshooting Answers - Solution 04

Lecture 213 Troubleshooting Answers - Solution 05

Lecture 214 IAM Service Role and Pass Role

Lecture 215 Document Code - Pass Role Policy

Lecture 216 Attribute-Based Access Control

Lecture 217 Document - ABAC Policy

Lecture 218 Amazon WorkMail

Lecture 219 IAM Access Analyzer

Lecture 220 Generating Findings on Shared Resources

Lecture 221 IAM Access Advisor

Section 6: Domain 5 - Data Protection

Lecture 222 Introduction to Cryptography

Lecture 223 Understanding communication Protocols

Lecture 224 Plain Text vs Encrypted Text Based Protocols

Lecture 225 AWS CloudHSM

Lecture 226 Important Pointers - CloudHSM

Lecture 227 AWS Key Management Service

Lecture 228 Creating our first Customer Managed Key (CMK)

Lecture 229 Document - CMKs References

Lecture 230 Envelope Encryption with KMS

Lecture 231 Schedule Key Deletion

Lecture 232 KMS Key Categories

Lecture 233 Overview of Asymmetric Key Encryption

Lecture 234 Asymmetric Keys with KMS

Lecture 235 Document - Asymmetric Encryption Commands

Lecture 236 Digital Signing with KMS

Lecture 237 Document - Digital Signing with KMS Commands

Lecture 238 AWS Key Management Service - Data Key Caching

Lecture 239 AWS Key Management Service - CMK Deletion & EBS Use-Case

Lecture 240 Access Control in KMS

Lecture 241 Importance of Default Key Policy

Lecture 242 Reducing Risk of Unmanageable CMK

Lecture 243 KMS Policy Evaluation Logic - Use-Case 1

Lecture 244 Document - KMS Use-Case 1

Lecture 245 KMS Policy Evaluation Logic - Use Case Solution - 01

Lecture 246 KMS Policy Evaluation Logic - Use Case 2

Lecture 247 Document - KMS Use Case 02

Lecture 248 KMS Policy Evaluation Logic - Use Case 02 Solution

Lecture 249 KMS Policy Evaluation Logic - Use Case - 3

Lecture 250 Document - KMS Use Case 03

Lecture 251 KMS Policy Evaluation Logic Solution - Use Case 3

Lecture 252 KMS Grants

Lecture 253 Document - KMS Grants Commands

Lecture 254 Importing Key Material to KMS

Lecture 255 Document - Imported Key Material Commands

Lecture 256 KMS ViaService

Lecture 257 Document - KMS ViaService Policy

Lecture 258 Migrating Encrypted KMS Data Across Regions

Lecture 259 Multi-Region KMS

Lecture 260 Benefits of CloudHSM over KMS

Lecture 261 S3 Encryption

Lecture 262 Load Balancing in AWS

Lecture 263 OSI Model & AWS ELB

Lecture 264 Classic Load Balancers

Lecture 265 Overview of Application Load Balancers

Lecture 266 Listener and Target Groups

Lecture 267 ALB Practicals

Lecture 268 Network Load Balancers

Lecture 269 ELB Access Logs

Lecture 270 Client IP Preservation

Lecture 271 Understanding HTTPS Connections

Lecture 272 Overview of AWS Certificate Manager

Lecture 273 Issuing Certificates with ACM

Lecture 274 HTTPS Listeners in ELB

Lecture 275 Glacier Vault and Vault Lock

Lecture 276 DynamoDB Encryption

Lecture 277 Encryption Context in KMS

Lecture 278 Document - Encrypted Context Commands

Lecture 279 Overview of AWS Secrets Manager

Lecture 280 Creating our First Secret in Secrets Manager

Lecture 281 Rotating Secrets

Lecture 282 Overview of Route53 Resolver

Lecture 283 Route53 Resolver DNS Firewall

Lecture 284 Configuring Route53 DNS Firewall

Lecture 285 DNS Firewall VPC Configuration Options

Lecture 286 DNS Cache Poisoning Attack

Lecture 287 Document - External Link

Lecture 288 Overview of DNSSEC

Lecture 289 PCAP Files - DNS and DNSSEC

Lecture 290 Configuring DNSSEC in Route53

Lecture 291 AWS Signer

Lecture 292 Integrating Signer with Lambda

Lecture 293 Overview of EBS Snapshots

Lecture 294 EBS Encryption

Lecture 295 Enabling Encryption by Default

Lecture 296 EBS Encryption Scenerios

Lecture 297 Encrypted EBS Snapshot Sharing

Lecture 298 Overview of Elastic File System (EFS)

Lecture 299 Creating and Mounting EFS in EC2

Lecture 300 Document - EFS Commands

Lecture 301 EFS File System Policies

Lecture 302 Data Encryption in EFS

Lecture 303 Enforcing In-Transit Encryption in EFS

Lecture 304 IAM Authentication in EFS

Lecture 305 Document - IAM Policy

Lecture 306 Overview of AWS Backup

Lecture 307 Creating Backup Plan

Section 7: Domain 6 - Management and Security Governance

Lecture 308 Resource Access Manager

Lecture 309 VPC Sharing in AWS

Lecture 310 AWS Control Tower

Lecture 311 Firewall Manager

Lecture 312 Trusted Advisor

Lecture 313 Overview of Service Catalog

Lecture 314 Creating Product and Portfolio in Service Catalog

Lecture 315 Document Code - AWS Service Catalog

Lecture 316 AWS Cost Explorer

Section 8: Important points for Exams

Lecture 317 Our Community

Those interested in gaining the AWS Security Specialty Certification,Those who wants to gain deep security insights related to AWS

Buy Premium Account From My Download Links & Get Fastest Speed.