AWS Certified Security - Specialty Training Course

With this video-based, online, certification training course, you’ll master the skills needed to pass the AWS Security Specialty exam to earn one of the most sought-after certifications in the technology sector. This course allows you to learn at your own pace, with 5+ hours of expert-led video lessons that will walk you through demonstrations, exam topics, and sample questions. You’ll get expert advice on how to solve exam problems, flashcards and quizzes to maximize learning, and sample tests to practice taking the exam. Guided labs are included to give you hands-on experience completing the tasks required of AWS security professionals. Who should take this course Skill level | Intermediate to advanced Anyone preparing for the AWS Security Specialty exam to get certified IT professionals looking to level up their knowledge of Amazon Web Services security and practice with real-world examples It is recommended that you have basic knowledge of general security concepts and AWS security concepts before taking this course. For an optimal course experience, we recommend using these browsers and devices. Course includes 5+ hours of expert-led training videos to watch and learn at your own pace Hands-on labs to simulate the experience of applying AWS security skills to the 5 domains of the Security Specialty exam Self-study tools, such as flashcards to master key terms and quizzes to self-assess your progress Complete practice tests to ensure you’re ready to take the AWS Security Specialty exam with confidence 1 year of access* What you'll learn This self-paced certification course will help you master all the skills tested on the AWS Security Specialty exam, including but not limited to: Determining and applying correct responses for various security incidents and monitoring situations Applying automated log management processes and navigating complex implementation scenarios Evaluating IAM policy examples and troubleshooting broken permissions Enabling server-side encryption for CloudWatch logs Implementing end-to-end encryption for an application infrastructure *Retake guarantee Didn't pass your certification exam on your first try? We'll give you six months of additional access at no cost. About Pearson IT Training Courses Pearson IT Training Courses are complete and affordable packages of expert-led, self-paced courses designed to help you stand out with in-demand skills that take your career to the next level. From learning to hands-on practice and application, our comprehensive certification prep courses ensure you are ready for exam success.

Table of Contents:
AWS Certified Security Specialty Introduction Introduction Module 1: AWS Certified Security - Specialty Basics Module introduction Lesson 1: AWS Certified Security - Specialty Basics Learning objectives 1.1 Introduction to Security 1.2 Exam Details 1.3 Course Scope Details 1.4 Certification Candidate Skills Lesson 1: Quiz Module 2: Incident Response Module introduction Lesson 2: Incident Response Learning objectives 2.1 Abuse Notice Strategies 2.2 Incident Response Basics 2.3 IR Preparation 2.4 IR Detection & Analysis 2.5 IR Containment Eradication & Recovery 2.6 IR Post-Incident Activity 2.7 Case Study: Compromised EC2 2.8 Question Breakdown Exercise: Enable GuardDuty, Configure EventBridge Rule to Send Notification to SNS Lesson 2: Flashcards Lesson 2: Quiz Module 3: Logging and Monitoring Module introduction Lesson 3: Security Monitoring Learning objectives 3.1 Infrastructure Security Monitoring Lab: Enabling and Disabling GuardDuty Lab: Creating VPC Flow Logs 3.2 Application Security Monitoring Lab: Enabling CloudTrail 3.3 Account Security Monitoring 3.4 Troubleshooting Security Monitoring Lab: Creating a CloudWatch Alarm 3.5 Case Study: Broken Monitoring 3.6 Question Breakdown Exercise: Enable CloudTrail for Account with S3 and CWL Lesson 3: Flashcards Lesson 3: Quiz Lesson 4: Logging Solutions Learning objectives 4.1 Access Logs Lab: Enabling Access Logging for an Amazon S3 Bucket 4.2 Execution Logs Viewing Logs Using the Lambda Console 4.3 Security Logs 4.4 Log Processing Lab: Creating a Kinesis Firehose Delivery Stream 4.5 Case Study: Automated Log Management 4.6 Question Breakdown Exercise: Enable VPC Flow Logs on a Default VPC Lesson 4: Flashcards Lesson 4: Quiz Module 4: Infrastructure Security Module introduction Lesson 5: Infrastructure Security Part 1 Learning objectives 5.1 Edge Security 5.2 VPC Network Security Lab: Creating an AWS VPC Lab: Creating a Subnet within VPC Lab: Creating a Security Group Lab: Creating a Custom Route Table 5.3 VPC Egress Security Lab: Creating an Internet Gateway Lab: Creating a VPC Peering Connection Lab: Creating a Gateway Endpoint Lab: Creating an Interface Endpoint 5.4 Multiple VPC Strategies Lab: Creating a Transit Gateway 5.5 Case Study: Multi-scope Infrastructure Design 5.6 Question Breakdown Exercise: Configure Inbound and Outbound Network ACLs for a VPC Lesson 5: Flashcards Lesson 5: Quiz Lesson 6: Infrastructure Security Part 2 Learning objectives 6.1 Network Troubleshooting 6.2 Host-Based Security Lab: Using Amazon EC2 Lab: Creating an SNS Topic Lab: Creating the AWS Lambda Function and Invoking It 6.3 Case Study: The Golden AMI Pipeline Lab: Creating an AMI from a Launched Instance Lab: Creating an AWS Elastic Beanstalk Application 6.4 Question Breakdown Exercise: Install Amazon Inspector Agent on EC2 and Execute Assessment Run Lesson 6: Flashcards Lesson 6: Quiz Module 5: Identity and Access Management Module introduction Lesson 7: Permissions and Roles Learning objectives 7.1 AWS Credentials 7.2 IAM Policy Details 7.3 IAM Policy Conditions 7.4 Policy Evaluation Logic 7.5 Assuming IAM Roles Lab: Creating an IAM Role Lab: Creating an IAM Policy 7.6 Case Study: IAM Policy Examples 7.7 Question Breakdown Exercise: Create an IAM Policy with two conditions. The first condition will allow EC2 instance launch from your IP, the second condition will deny EC2 instance launch if there is no Name tag. Lesson 7: Flashcards Lesson 7: Quiz Lesson 8: Federation and Resource-based Access Control Learning objectives 8.1 SAML Federation 8.2 Cognito User Pool Federation Lab: Creating a User Pool 8.3 Cognito Identity Pool Federation 8.4 AWS SSO Federation 8.5 AWS Organizations 8.6 S3 Access Control Lab: Creating an Amazon S3 Bucket 8.7 API Gateway and Lambda Access Control 8.8 Troubleshooting Permissions Lab: Creating an Elasticsearch Domain 8.9 Case Study: Broken Permission Examples 8.10 Question Breakdown Exercise: Create an S3 Bucket ACL to Enable Access Logs from Another S3 Bucket Lesson 8: Flashcards Lesson 8: Quiz Module 6: Data Protection Module introduction Lesson 9: Key Management Learning objectives 9.1 Symmetric Data Encryption Lab: Creating and Disabling an AWS KMS Key Lab: Creating an AWS CloudHSM Cluster 9.2 AWS KMS Basics 9.3 AWS KMS Access Control 9.4 AWS CloudHSM 9.5 AWS Certificate Manager Lab: Creating CloudFront Lab: Creating an Elastic Load Balancer 9.6 Using Keys for Authentication 9.7 Troubleshooting Key Management 9.8 Case Study: CloudWatch Logs Encryption 9.9 Question Breakdown Exercise: Create a KMS CMK with Key Policy for S3 Server-Side Encryption Lesson 9: Flashcards Lesson 9: Quiz Lesson 10: Data Encryption At-rest and In Transit Learning objectives 10.1 Data Encryption At-rest by Default Lab: Creating a Glacier Vault Lab: Creating a DynamoDB Table and Putting Items in it 10.2 Data Encryption At-rest as Option Lab: Creating an SQS Queue Lab: Creating an Amazon Redshift Cluster Lab: Configuring Amazon ElastiCache Lab: Creating an Amazon Elastic File System 10.3 Data Encryption At-rest Operations 10.4 Data Encryption In Transit - Web 10.5 Data Encryption In Transit - Storage 10.6 Data Encryption In Transit - Network Lab: Creating a Virtual Private Gateway 10.7 Case Study: End-to-End Encryption 10.8 Question Breakdown Exercise: Configure At-rest Encryption for an EBS Volume Lesson 10: Flashcards Lesson 10: Quiz Module 7: Next Steps Module introduction Lesson 11: Next Steps Learning objectives 11.1 Study Strategies 11.2 Study Resources Summary Summary

About the Author :
Course expert Chad Smith - Certified AWS architect Chad Smith is the Principal Cloud Architect at Brightkey.cloud. He is a certified architect for both Amazon Web Services and Google Cloud Platform. He brings a wealth of relevant experience in cloud adoption, infrastructure design, data security, and cloud operations. Chad holds current AWS certifications in Architecture (Associate and Professional), SysOps, Security, Database, and Networking.