Security - Specialty Certification Preparation for AWS

OverviewStepsAuthor
DifficultyAdvanced
AVG Duration31h
Students4145
Ratings
4.8/5
starstarstarstarstar-half
Content
2412114

Description

Designed specifically for students looking to gain a deep understanding of AWS security services, including the many different security mechanisms and techniques that AWS offers to secure your infrastructure and data from both internal and external threats and exposures. The AWS Certified Security - Specialty certification allows you to demonstrate and validate your AWS knowledge across security topics such as data protection and encryption, infrastructure security, incident response, identity, and access management, monitoring, and logging. With a blend of instructional courses, hands-on labs, quizzes, and a preparation exam, this Learning Path helps you prepare and master the AWS Certified Security - Specialty exam.  

Benefits of Achieving this Certification

  • Cloud security is crucial to ALL use cases
  • AWS certifications provide a reputable benchmark for AWS partners and practitioners
  • Ensures team members are following security best practices
  • Provides professional progression for team members
  • Contributes to AWS partner certification requirements

Learning Path Agenda

This learning path has been designed to take you through the numerous security services along with the different security features that are available within other AWS services.

It begins with an introduction to the most common security service that is available, Identity & Access Management (IAM). During the first few courses and labs, it looks at access management and identities, both internally and externally, covering different authentication and authorization methods.

Next, it introduces a number of AWS security services related to auditing and compliance some of which are based on Machine Learning, such as Amazon GuardDuty and Amazon Macie. Monitoring and logging are then covered, examining how you can use the different AWS services to monitor and track log data and use it to help you find vulnerabilities.

Next, there are a number of courses and labs that look into encryption and data protection using different services and techniques. Different encryption mechanisms are covered here across a range of common AWS services. Application and Network security are covered next, looking at different services and techniques that can be implemented to help protect your Web Apps along with your VPC infrastructure, again from both internal and external threats.

Finally, there are a number of courses and labs covering security best practices, governance, and risk.

Intended Audience

This learning path is ideal for anyone interested in learning to recognize, explain, and implement solutions to enforce strict security controls across all levels of AWS infrastructure deployments.

Learning Objectives

This learning path will enable you to: 

  • Understand the differences between each of the security services offered by AWS and how they can be used within your environment
  • Select the appropriate level of security based on your deployments and the sensitivity of your data using a variety of services
  • Implement the correct security services and mechanisms to meet business objectives and requirements
  • Understand how to select the most appropriate data protection techniques including encryption mechanisms
  • Implement logging and monitoring solutions to detect and analyze security vulnerabilities and weaknesses within your infrastructure

Prerequisites

Prior to taking this Security Specialty certification, you must have passed the AWS Cloud Practitioner certification or ANY of the AWS Associate level certifications.

Feedback

We welcome all feedback so if you are unsure about where to start or if would like help getting started please direct any comments or questions to us at support@cloudacademy.com.

Updates

07/06/18: Added Lab - Detecting EC2 Threats with Amazon GuardDuty

06/29/18:

Added: How to implement & enable logging Across AWS Services (Part 1 of 2) 

Added: How to implement & enable logging Across AWS Services (Part 2 of 2)

09/21/18

Added: Understanding S3 Encryption Mechanisms to secure your data

Certificate

Your certificate for this learning path
lock

Training Content

1
Course - Intermediate - 1h 12m
FREE
AWS: Overview of AWS Identity & Access Management (IAM)
This course explains AWS Identity & Access Management (IAM), what it is, and how to implement it.
2
Hands-on Lab - Beginner - 1h
Introduction to IAM
Learn how to create and manage IAM users, groups and policies to securely control access to AWS services and resources.
3
Hands-on Lab - Intermediate - 1h 15m
UPDATED
Advanced Roles and Groups Management Using IAM
Learn how to manage our organization using IAM Users and Groups and IAM Roles 
4
Exam - 35m
FREE
Knowledge Check: Overview of AWS Identity and Access Management (IAM)
Knowledge Check: Overview of AWS Identity and Access Management (IAM)
5
Course - Intermediate - 1h 26m
Understanding of AWS Authentication, Authorization & Accounting
In this course, you'll learn about security mechanisms around AWS Authentication, Authorization, and Accounting, using a variety of services.
6
Quiz - Intermediate - 9m
Authentication, Authorization & Accounting
Authentication, Authorization & Accounting
7
Course - Intermediate - 10m
Using AWS Identity Federation to Simplify Access at Scale
This course covers AWS Identity Federation including what it is, some of the AWS services that can be involved in federation, and also highlight some scenarios where you might want to implement it.
8
Course - Intermediate - 1h 9m
AWS CloudTrail: An Introduction
This course provides an introduction to the AWS CloudTrail service, looking at all its features and components.
9
Quiz - Intermediate - 9m
AWS CloudTrail Intermediate
AWS CloudTrail Intermediate
10
Hands-on Lab - Beginner - 2h 15m
Monitoring AWS CloudTrail Events with Amazon CloudWatch
In this lab, you'll learn how to configure and use AWS CloudTrail and CloudWatch in cooperation with each other to monitor AWS infrastructure and services.
11
Course - Intermediate - 1h 12m
AWS Config: An Introduction
In this course, you'll learn how AWS Config allows you to have visibility of your entire AWS infrastructure from a configuration perspective.
12
Quiz - Intermediate - 9m
AWS Config Intermediate
AWS Config Intermediate
13
Hands-on Lab - Intermediate - 2h
Compliance Check Using AWS Config Rules (Managed & Custom)
Compliance check using AWS Config Rules: See how AWS Config can enhance your security and compliance with AWS managed rules and custom rules with AWS Lambda
14
Course - Intermediate - 54m
Amazon Inspector
In this course, you'll learn about Amazon Inspector and its components, as well as watch a demonstration on how to configure it.
15
Course - Intermediate - 29m
Using AWS Trusted Advisor to Follow and Implement Best Practices
This course looks at how to use AWS Trusted Advisor to implement some best practices and recommendations across your AWS environment with your organization.
16
Hands-on Lab - Beginner - 1h 10m
Follow Best Practices with AWS Trusted Advisor
Follow best practices with AWS Trusted Advisor auditing your AWS environment and advising you on performance, and security improvements.
17
Course - Intermediate - 1h 3m
Understanding Amazon GuardDuty
This course explains how to protect your AWS accounts by using the intelligent threat detection service, Amazon GuardDuty.
18
Hands-on Lab - Beginner - 50m
Detecting EC2 Threats with Amazon GuardDuty
Learn how to use Amazon GuardDuty to automatically uncover malicious EC2 activity and configure threat lists to improve the security of your AWS environments.
19
Course - Intermediate - 1h 9m
Enforcing Compliance & Security Controls with Amazon Macie
This course looks at Amazon Macie and how to customize it to gain the maximum benefit of its capabilities.
20
Course - Intermediate - 16m
An Overview of Amazon CloudWatch
This course takes a high-level look at Amazon CloudWatch and some of its features and components.
21
Course - Intermediate - 12m
Building CloudWatch Dashboards
This course is geared towards helping you understand the value of building your own dashboards within CloudWatch, to give you unparalleled visibility into your architecture and dedicated systems.
22
Course - Advanced - 1h 4m
How to Implement & Enable Logging Across AWS Services (Part 1 of 2)
In this course, you'll learn how to implement logging and monitoring across AWS Services including Amazon CloudWatch, CloudWatch Monitoring Agent, AWS CloudTrail Logs, and Amazon S3 Access Logs.
23
Course - Advanced - 1h 4m
How to Implement & Enable Logging Across AWS Services (Part 2 of 2)
In this course, you'll learn how to implement logging and monitoring across AWS Services including Amazon CloudWatch, CloudWatch Monitoring Agent, AWS CloudTrail Logs, and Amazon S3 Access Logs.
24
Hands-on Lab - Beginner - 1h 30m
Monitor Amazon CloudWatch Security Logs for failed SSH attempts
Learn how to use CloudWatch to monitor EC2 instance logs for failed SSH attempts
25
Course - Advanced - 1h 10m
Advanced Techniques for AWS Monitoring, Metrics and Logging
This course teaches advanced techniques for logging on AWS, going beyond the basic uses of CloudWatch Metrics, CloudWatch Logs, and health monitoring systems.
26
Course - Intermediate - 1h 10m
How to Use KMS Key Encryption to Protect Your Data
In this course, you will learn the basics of KMS, what it will cost to implement, how to encrypt data, and more...
27
Course - Intermediate - 15m
How to Share CMKs Across Multiple Accounts Using AWS KMS
This course shows how to use the Key Management Service for encryption across multiple AWS accounts.
28
Quiz - Intermediate - 9m
AWS Key Management Service (KMS) Intermediate
AWS Key Management Service (KMS) Intermediate
29
Course - Advanced - 12m
Understanding S3 Encryption Mechanisms to Secure your Data
In this course, you'll learn about the S3 encryption and decryption process for S3 Managed Keys, KMS Managed Keys, and Customer Provided Keys.
30
Hands-on Lab - Intermediate - 2h
Using Amazon Key Management Service to Encrypt S3 and EBS Data
In this lab, you'll learn about Amazon Key Management Service to encrypt S3 and EBS Data at an intermediate level. Get started today!
31
Course - Intermediate - 13m
Sharing Secrets Between Multiple Accounts Using AWS Secrets Manager
This course explains how to share secrets between different AWS accounts through the use of resource-based policies and AWS Secrets Manager.
32
Course - Intermediate - 33m
Manage Your Own Encryption Keys Using AWS CloudHSM
This course gets you started with AWS CloudHSM by giving you an overview of the basics of the service, what it is, and its use cases.
33
Course - Intermediate - 55m
AWS Encryption for Data Analytics
This course looks at how to secure your big data within AWS by implementing different data encryption options.
34
Course - Beginner - 1h 17m
Protecting Web Apps with AWS WAF, Shield & Firewall Manager
This course takes an in-depth look at AWS Web Application Firewall Service (WAF), AWS Firewall Manager and AWS Shield.
35
Course - Advanced - 1h 19m
AWS Virtual Private Cloud: Subnets and Routing
This course looks at how to design your AWS Virtual Private Cloud through the use of different VPC Subnet and Routing configurations.
36
Hands-on Lab - Beginner - 2h 30m
Securing your VPC using Public and Private Subnets
Learn how to increment the network security creating a public and private subnet on VPC and filter traffic using network ACL
37
Course - Intermediate - 56m
AWS Security Best Practices: Abstract and Container Services
This course discusses the responsibility between AWS and the customer when architecting both abstract and container services
38
Hands-on Lab - Beginner - 1h
Using S3 Bucket Policies and Conditions to Restrict Specific Permissions
You will learn the steps to create and apply AWS S3 Bucket Policies with embedded conditions to restrict a user's ability to perform specific functions within S3 Buckets.  
39
Hands-on Lab - Beginner - 1h 20m
Query encrypted Amazon S3 data with Amazon Athena
Use Amazon Athena to query encrypted data on S3 and encrypt the query results as well.
40
Course - Intermediate - 38m
Intrusion Detection and Prevention on Amazon Web Services
This course covers the fundamentals of intrusion detection and prevention on Amazon Web Services.
41
Hands-on Lab Challenge - Advanced - 1h 15m
Code Red: Repair an AWS Environment with a Linux Bastion Host
In this lab, you will be assessing your ability to troubleshoot AWS networking and security issues in a production-like environment.
42
Exam - 2h
Cert Prep: AWS Security Specialty Certification
Cert Prep: AWS Security Specialty Certification
About the Author
Students170272
Labs1
Courses140
Learning paths96

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 90+ courses relating to Cloud reaching over 140,000 students, mostly within the AWS category and with a heavy focus on security and compliance.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.