Aws Certified Security Specialty 2023

All you need to master AWS Certified Security Specialty certification.

What you'll learn

Will be prepared to give AWS Certified Security Specialty Exam

You will be able to Master the Security aspect of AWS

Gain deep insights about Enterprise grade Security implementation.

Will be able to detect attacks and protect the AWS infrastructure from Hackers.

Requirements

Basics of AWS

AWS Solutions Architect Associate or Equivalent Knowledge

Description

AWS Certified Security - Specialty certification is one of the widely recognized security certifications across the industry. With the number of security breaches increasing every year, there is a huge demand for individuals who understands the security side of things, specifically Cloud-based Infrastructures.This course is specially designed for the aspirants who intend to give the AWS Certified Security Specialty 2023 certification as well for those who want to master the security side of AWS.Throughout the course, we explore various Real World scenarios and look into why do website gets hacked, what could have been done to prevent it, and learn the best practices related to Security for your AWS environment.Since this is a Specialty level certification, it is very important that the candidate has a prior hands-on experience in AWS, and this also acts as a pre-requisite to this certification. We do start our journey into the security side of things from scratch.With tons of quizzes in order to prepare you for exams, Real-world scenarios, and great Support from our Instructor in-case of doubts, this course is all you need to master the Security side of AWS and gain the certification.I look forward to seeing you join us in this exciting journey on AWS Security.

Overview

Section 1: Getting started with the course

Lecture 1 Overview of the Course

Lecture 2 Our Community

Section 2: Domain 1 - Incident Response

Lecture 3 Introduction to Domain 1

Lecture 4 Case Study of Hacked Server

Lecture 5 AWS Abuse Reports

Lecture 6 AWS GuardDuty

Lecture 7 Update - Guard Duty

Lecture 8 Whitelisting Alerts in AWS GuardDuty

Lecture 9 Document - GuardDuty Alert Lists

Lecture 10 Centralized Dashboards for GuardDuty Findings

Lecture 11 Incident Response

Lecture 12 Incident Response Use-Cases for Exams

Lecture 13 Use Case - Dealing with Exposed Access Keys

Lecture 14 Use Case - Dealing with compromised EC2 Instances

Lecture 15 Amazon Detective

Lecture 16 Incident Response in Cloud

Lecture 17 Penetration Testing in AWS (New)

Lecture 18 Notes - Domain 1

Section 3: Domain 2 - Logging & Monitoring

Lecture 19 Introduction to Vulnerability, Exploit, Payload

Lecture 20 VEP Practical - Hacking inside a test farm

Lecture 21 Understanding Automated Vulnerability Scanners

Lecture 22 Common Vulnerabilities Exposures & CVSS

Lecture 23 Introduction to AWS Inspector

Lecture 24 New EC2 GUI

Lecture 25 AWS Inspector Vulnerability Scans

Lecture 26 AWS Security Hub

Lecture 27 Overview of Layer 7 Firewalls

Lecture 28 Understanding AWS WAF

Lecture 29 Deploying AWS WAF

Lecture 30 Overview of AWS Systems Manager

Lecture 31 Configure SSM Agent

Lecture 32 Overview of Sessions Manager

Lecture 33 SSM - Run Command

Lecture 34 Overview of Patch Manager

Lecture 35 Parameter Store

Lecture 36 Systems Manager Automation

Lecture 37 Systems Manager Inventory

Lecture 38 Creating our First Inventory in SSM

Lecture 39 Overview of Unified CloudWatch Agent

Lecture 40 Unified CloudWatch Agent - Practical

Lecture 41 Document - Unified CloudWatch Agent

Lecture 42 Amazon EventBridge

Lecture 43 Amazon Athena

Lecture 44 Revising AWS Config

Lecture 45 Revising AWS Config - Practical

Lecture 46 Trusted Advisor

Lecture 47 Understanding CloudTrail

Lecture 48 Creating First CloudTrail Trail

Lecture 49 CloudTrail Event Types

Lecture 50 CloudTrail - Log File Integrity Validation

Lecture 51 Document - S3 Log File Validation

Lecture 52 Digest Delivery Times

Lecture 53 Overview of Amazon Macie

Lecture 54 Detecting Sensitive Files with Macie

Lecture 55 S3 Event Notification

Lecture 56 Revising VPC Flow Logs

Lecture 57 VPC Flow Logs In-Detail

Lecture 58 Centralized Logging Architecture

Lecture 59 Cross-Account Logging for CloudTrail

Lecture 60 Document - Centralized Logging Policy

Lecture 61 Considerations - S3 Bucket Policy for Cross Account CloudTrail

Lecture 62 Document - Conditional S3 Bucket Policy for CloudTrail

Lecture 63 AWS SNS

Lecture 64 Streaming Data & Amazon Kinesis

Lecture 65 Amazon Kinesis Service Offerings

Lecture 66 Notes - Domain 2

Section 4: Domain 3 - Infrastructure Security

Lecture 67 Bastion Hosts & SSH Agent Forwarding

Lecture 68 Document - Commands for SSH Agent Forwarding

Lecture 69 Introduction to Virtual Private Networks

Lecture 70 Understanding AWS Client VPN Endpoints

Lecture 71 Creating Client VPN Endpoints

Lecture 72 Document - Commands to Setup ClientVPN Endpoint

Lecture 73 Overview of AWS VPN Tunnels

Lecture 74 VPC Peering

Lecture 75 Overview of VPC Endpoints

Lecture 76 Implementing Gateway VPC Endpoints

Lecture 77 VPC Endpoint Policies

Lecture 78 Overview of Interface VPC Endpoints

Lecture 79 Implementing Interface Endpoints

Lecture 80 Overview of VPC Endpoint Services

Lecture 81 Network ACLs

Lecture 82 NACL - Rule Ordering

Lecture 83 Understanding Stateful vs Stateless Firewalls

Lecture 84 IDS / IPS in AWS

Lecture 85 EBS Architecture & Secure Data Wiping

Lecture 86 Understanding the Content Delivery Networks

Lecture 87 Demo - CloudFront Distribution

Lecture 88 Understanding Edge Locations

Lecture 89 Deploying CloudFront Distribution

Lecture 90 Origin Access Identity

Lecture 91 Overview of CloudFront Signed URLs

Lecture 92 Implementing CloudFront Signed URLs

Lecture 93 Field Level Encryption in CloudFront

Lecture 94 Real World example on DOS Implementation

Lecture 95 AWS Shield

Lecture 96 Mitigating DDOS Attacks

Lecture 97 Document - DDoS References

Lecture 98 Introduction to Application Programming Interface (API)

Lecture 99 Understanding the working of API

Lecture 100 Building Lambda Function for our API

Lecture 101 Building our first API with API Gateway

Lecture 102 Lambda & S3

Lecture 103 EC2 Key-Pair Troubleshooting

Lecture 104 EC2 Tenancy Attribute

Lecture 105 AWS Artifact

Lecture 106 Lambda@Edge

Lecture 107 Lambda@Edge Demo

Lecture 108 DNS Attributes in VPC

Lecture 109 DNS Query Logging

Lecture 110 Implementing Route53 Query Logging

Lecture 111 Overview of Network Firewall

Lecture 112 Deploying Network Firewall

Lecture 113 Firewall Manager

Lecture 114 Elastic Network Interface

Lecture 115 Bring Your Own IP

Lecture 116 Notes - Domain 3

Section 5: Domain 4 - Identity & Access Management

Lecture 117 Overview of AWS Organizations

Lecture 118 Creating our first AWS Organization & SCP

Lecture 119 Organizational Unit (OU) in AWS organization

Lecture 120 IAM Policy Evaluation Logic

Lecture 121 Identity and Resource Based Policies

Lecture 122 Understanding IAM Policies

Lecture 123 IAM Policies - Part 02

Lecture 124 Identity Account Architecture

Lecture 125 Creating Cross-Account IAM Roles

Lecture 126 Cross Account IAM Policy Document

Lecture 127 External ID in Delegation

Lecture 128 EC2 Instance Meta-Data

Lecture 129 Revising IAM Role

Lecture 130 Understanding working of an IAM role

Lecture 131 IPTABLES & Instance Meta-Data

Lecture 132 Document - Commands

Lecture 133 IAM - Version Element

Lecture 134 IAM Policy Variables

Lecture 135 Document - IAM Policy Variable

Lecture 136 Principal and NotPrincipal Element

Lecture 137 Document - Resource Policy for Principal Element

Lecture 138 Implementing NotPrincipal Element

Lecture 139 Document - NotPrincipal S3 Bucket Policy

Lecture 140 Conditionl Element

Lecture 141 Document - Condition Policy Examples

Lecture 142 AWS Security Token Service

Lecture 143 Federation

Lecture 144 Understanding SAML for SSO

Lecture 145 Overview of AWS Single Sign-On

Lecture 146 Implementing AWS SSO

Lecture 147 Integrating AWS SSO with AWS CLI

Lecture 148 Amazon Cognito

Lecture 149 Understanding Active Directory

Lecture 150 Introduction to AWS Directory Service

Lecture 151 Domain Joining EC2 instance with Directory Service

Lecture 152 Document - Joining Linux Instance with SimpleAD

Lecture 153 Trusts in Active Directory

Lecture 154 S3 Bucket Policies

Lecture 155 Bucket Policy Document

Lecture 156 Regaining Access to Locked S3 Bucket

Lecture 157 Bucket Policy Document - Deny Statements

Lecture 158 Cross Account S3 Bucket Configuration

Lecture 159 Document - Cross Account S3 Bucket Policy.

Lecture 160 Canned ACLs

Lecture 161 Document - Canned ACLs Commands

Lecture 162 Understanding Presigned URLs

Lecture 163 S3 Versioning

Lecture 164 S3 - Cross Region Replication

Lecture 165 S3 Object Lock

Lecture 166 MFA Protected API Access

Lecture 167 Document - MFA CLI Commands

Lecture 168 IAM Permission Boundaries

Lecture 169 IAM and S3

Lecture 170 Document - IAM Policies

Lecture 171 Troubleshooting IAM Policies

Lecture 172 Document - Troubleshooting Policies

Lecture 173 Troubleshooting Answers - Solution 01

Lecture 174 Troubleshooting Answers - Solution 02

Lecture 175 Troubleshooting Answers - Solution 03

Lecture 176 Troubleshooting Answers - Solution 04

Lecture 177 Troubleshooting Answers - Solution 05

Lecture 178 AWS Control Tower

Lecture 179 IAM Service Role and Pass Role

Lecture 180 Document Code - Pass Role Policy

Lecture 181 Amazon WorkMail

Lecture 182 Notes - Domain 4

Section 6: Domain 5 - Data Protection

Lecture 183 Introduction to Cryptography

Lecture 184 Understanding communication Protocols

Lecture 185 Plain Text vs Encrypted Text Based Protocols

Lecture 186 AWS CloudHSM

Lecture 187 Important Pointers - CloudHSM

Lecture 188 AWS Key Management Service

Lecture 189 Creating our first Customer Managed Key (CMK)

Lecture 190 Document - CMKs References

Lecture 191 Envelope Encryption with KMS

Lecture 192 Schedule Key Deletion

Lecture 193 KMS Key Categories

Lecture 194 Overview of Asymmetric Key Encryption

Lecture 195 Asymmetric Keys with KMS

Lecture 196 Document - Asymmetric Encryption Commands

Lecture 197 Digital Signing with KMS

Lecture 198 Document - Digital Signing with KMS Commands

Lecture 199 AWS Key Management Service - Data Key Caching

Lecture 200 AWS Key Management Service - CMK Deletion & EBS Use-Case

Lecture 201 Access Control in KMS

Lecture 202 Importance of Default Key Policy

Lecture 203 Reducing Risk of Unmanageable CMK

Lecture 204 KMS Policy Evaluation Logic - Use-Case 1

Lecture 205 Document - KMS Use-Case 1

Lecture 206 KMS Policy Evaluation Logic - Use Case Solution - 01

Lecture 207 KMS Policy Evaluation Logic - Use Case 2

Lecture 208 Document - KMS Use Case 02

Lecture 209 KMS Policy Evaluation Logic - Use Case 02 Solution

Lecture 210 KMS Policy Evaluation Logic - Use Case - 3

Lecture 211 Document - KMS Use Case 03

Lecture 212 KMS Policy Evaluation Logic Solution - Use Case 3

Lecture 213 KMS Grants

Lecture 214 Document - KMS Grants Commands

Lecture 215 Importing Key Material to KMS

Lecture 216 Document - Imported Key Material Commands

Lecture 217 KMS ViaService

Lecture 218 Document - KMS ViaService Policy

Lecture 219 Migrating Encrypted KMS Data Across Regions

Lecture 220 Multi-Region KMS

Lecture 221 Benefits of CloudHSM over KMS

Lecture 222 S3 Encryption

Lecture 223 Load Balancing in AWS

Lecture 224 OSI Model & AWS ELB

Lecture 225 Classic Load Balancers

Lecture 226 Overview of Application Load Balancers

Lecture 227 Listener and Target Groups

Lecture 228 ALB Practicals

Lecture 229 Network Load Balancers

Lecture 230 ELB Access Logs

Lecture 231 Understanding HTTPS Connections

Lecture 232 Overview of AWS Certificate Manager

Lecture 233 Issuing Certificates with ACM

Lecture 234 Glacier Vault and Vault Lock

Lecture 235 DynamoDB Encryption

Lecture 236 Overview of AWS Secrets Manager

Lecture 237 RDS Integration with AWS Secrets Manager

Lecture 238 Encryption Context in KMS

Lecture 239 Document - Encrypted Context Commands

Lecture 240 DNS Cache Poisoning Attack

Lecture 241 Document - External Link

Lecture 242 Overview of DNSSEC

Lecture 243 PCAP Files - DNS and DNSSEC

Lecture 244 Configuring DNSSEC in Route53

Lecture 245 Overview of Route53 Resolver

Lecture 246 Route53 Resolver DNS Firewall

Lecture 247 AWS Signer

Lecture 248 Integrating Signer with Lambda

Lecture 249 Overview of EBS Snapshots

Lecture 250 EBS Encryption

Lecture 251 Enabling Encryption by Default

Lecture 252 EBS Encryption Scenerios

Lecture 253 Encrypted EBS Snapshot Sharing

Lecture 254 Notes - Domain 5

Section 7: Important points for Exams

Lecture 255 Our Community

Lecture 256 Important Pointers - Domain 1

Lecture 257 Important Pointers - Domain 2

Lecture 258 Important Pointers - Domain 3

Lecture 259 Important Pointers - Domain 4

Lecture 260 Important Pointers - Domain 5

Lecture 261 Updated - Important Pointers for Exams

Lecture 262 Updated - Important Pointers for Exams

Lecture 263 Notes - Important Pointers for Exams

Those interested in gaining the AWS Security Specialty Certification,Those who wants to gain deep security insights related to AWS