Security - Specialty Certification Preparation for AWS

DifficultyAdvanced
AVG Duration31h
Students3710
Ratings
4.8/5
starstarstarstarstar-half
Content
course 24 labchallenge 1 exam 2 lab 11 quiz 4

Description

Designed specifically for students looking to gain a deep understanding of AWS security services, including the many different security mechanisms and techniques that AWS offers to secure your infrastructure and data from both internal and external threats and exposures. The AWS Certified Security - Specialty certification allows you to demonstrate and validate your AWS knowledge across security topics such as data protection and encryption, infrastructure security, incident response, identity, and access management, monitoring, and logging. With a blend of instructional courses, hands-on labs, quizzes, and a preparation exam, this Learning Path helps you prepare and master the AWS Certified Security - Specialty exam.  

Benefits of Achieving this Certification

  • Cloud security is crucial to ALL use cases
  • AWS certifications provide a reputable benchmark for AWS partners and practitioners
  • Ensures team members are following security best practices
  • Provides professional progression for team members
  • Contributes to AWS partner certification requirements

Learning Path Agenda

This learning path has been designed to take you through the numerous security services along with the different security features that are available within other AWS services.

It begins with an introduction to the most common security service that is available, Identity & Access Management (IAM). During the first few courses and labs, it looks at access management and identities, both internally and externally, covering different authentication and authorization methods.

Next, it introduces a number of AWS security services related to auditing and compliance some of which are based on Machine Learning, such as Amazon GuardDuty and Amazon Macie. Monitoring and logging are then covered, examining how you can use the different AWS services to monitor and track log data and use it to help you find vulnerabilities.

Next, there are a number of courses and labs that look into encryption and data protection using different services and techniques. Different encryption mechanisms are covered here across a range of common AWS services. Application and Network security are covered next, looking at different services and techniques that can be implemented to help protect your Web Apps along with your VPC infrastructure, again from both internal and external threats.

Finally, there are a number of courses and labs covering security best practices, governance, and risk.

Intended Audience

This learning path is ideal for anyone interested in learning to recognize, explain, and implement solutions to enforce strict security controls across all levels of AWS infrastructure deployments.

Learning Objectives

This learning path will enable you to: 

  • Understand the differences between each of the security services offered by AWS and how they can be used within your environment
  • Select the appropriate level of security based on your deployments and the sensitivity of your data using a variety of services
  • Implement the correct security services and mechanisms to meet business objectives and requirements
  • Understand how to select the most appropriate data protection techniques including encryption mechanisms
  • Implement logging and monitoring solutions to detect and analyze security vulnerabilities and weaknesses within your infrastructure

Prerequisites

Prior to taking this Security Specialty certification, you must have passed the AWS Cloud Practitioner certification or ANY of the AWS Associate level certifications.

Feedback

We welcome all feedback so if you are unsure about where to start or if would like help getting started please direct any comments or questions to us at support@cloudacademy.com.

Updates

07/06/18: Added Lab - Detecting EC2 Threats with Amazon GuardDuty

06/29/18:

Added: How to implement & enable logging Across AWS Services (Part 1 of 2) 

Added: How to implement & enable logging Across AWS Services (Part 2 of 2)

09/21/18

Added: Understanding S3 Encryption Mechanisms to secure your data

Certificate

Your certificate for this learning path
lock

Training Content

1
course
Course - Intermediate - 1h 12m
AWS: Overview of AWS Identity & Access Management (IAM)
This course explains AWS Identity & Access Management (IAM), what it is, and how to implement it.
2
lab
Hands-on Lab - Beginner - 1h
Introduction to IAM
Learn how to create and manage IAM users, groups and policies to securely control access to AWS services and resources.
3
lab
Hands-on Lab - Intermediate - 1h 15m
Advanced Roles and Groups Management Using IAM
Learn how to manage our organization using IAM Users and Groups and IAM Roles 
4
exam
Exam - 35m
Knowledge Check: Overview of AWS Identity and Access Management (IAM)
Knowledge Check: Overview of AWS Identity and Access Management (IAM)
5
course
Course - Intermediate - 1h 26m
Understanding of AWS Authentication, Authorization & Accounting
In this course, you'll learn about security mechanisms around AWS Authentication, Authorization, and Accounting, using a variety of services.
6
quiz
Quiz - Intermediate - 9m
Authentication, Authorization & Accounting
Authentication, Authorization & Accounting
7
course
Course - Advanced - 41m
AWS Identity Federation
This course introduces you to AWS Identity Federation and includes a demo on how to use it.
8
course
Course - Intermediate - 1h 9m
AWS CloudTrail: An Introduction
This course provides an introduction to the AWS CloudTrail service, looking at all its features and components.
9
quiz
Quiz - Intermediate - 9m
AWS CloudTrail Intermediate
AWS CloudTrail Intermediate
10
lab
Hands-on Lab - Beginner - 2h 15m
Monitoring AWS CloudTrail Events with Amazon CloudWatch
In this lab, you'll learn how to configure and use AWS CloudTrail and CloudWatch in cooperation with each other to monitor AWS infrastructure and services.
11
course
Course - Intermediate - 1h 12m
AWS Config: An Introduction
In this course, you'll learn how AWS Config allows you to have visibility of your entire AWS infrastructure from a configuration perspective.
12
quiz
Quiz - Intermediate - 9m
AWS Config Intermediate
AWS Config Intermediate
13
lab
Hands-on Lab - Intermediate - 2h
Compliance Check Using AWS Config Rules (Managed & Custom)
Compliance check using AWS Config Rules: See how AWS Config can enhance your security and compliance with AWS managed rules and custom rules with AWS Lambda
14
course
Course - Intermediate - 54m
Amazon Inspector
In this course, you'll learn about Amazon Inspector and its components, as well as watch a demonstration on how to configure it.
15
course
Course - Intermediate - 29m
Using AWS Trusted Advisor to Follow and Implement Best Practices
This course looks at how to use AWS Trusted Advisor to implement some best practices and recommendations across your AWS environment with your organization.
16
lab
Hands-on Lab - Beginner - 1h 10m
Follow Best Practices with AWS Trusted Advisor
Follow best practices with AWS Trusted Advisor auditing your AWS environment and advising you on performance, and security improvements.
17
course
Course - Intermediate - 1h 3m
Understanding Amazon GuardDuty
This course explains how to protect your AWS accounts by using the intelligent threat detection service, Amazon GuardDuty.
18
lab
Hands-on Lab - Beginner - 50m
Detecting EC2 Threats with Amazon GuardDuty
Learn how to use Amazon GuardDuty to automatically uncover malicious EC2 activity and configure threat lists to improve the security of your AWS environments.
19
course
Course - Intermediate - 1h 9m
Enforcing Compliance & Security Controls with Amazon Macie
This course looks at Amazon Macie and how to customize it to gain the maximum benefit of its capabilities.
20
course
Course - Intermediate - 16m
An Overview of Amazon CloudWatch
This course takes a high-level look at Amazon CloudWatch and some of its features and components.
21
course
Course - Intermediate - 12m
Building CloudWatch Dashboards
This course is geared towards helping you understand the value of building your own dashboards within CloudWatch, to give you unparalleled visibility into your architecture and dedicated systems.
22
course
Course - Advanced - 1h 4m
How to Implement & Enable Logging Across AWS Services (Part 1 of 2)
In this course, you'll learn how to implement logging and monitoring across AWS Services including Amazon CloudWatch, CloudWatch Monitoring Agent, AWS CloudTrail Logs, and Amazon S3 Access Logs.
23
course
Course - Advanced - 1h 4m
How to Implement & Enable Logging Across AWS Services (Part 2 of 2)
In this course, you'll learn how to implement logging and monitoring across AWS Services including Amazon CloudWatch, CloudWatch Monitoring Agent, AWS CloudTrail Logs, and Amazon S3 Access Logs.
24
lab
Hands-on Lab - Beginner - 1h 30m
Monitor Amazon CloudWatch Security Logs for failed SSH attempts
Learn how to use CloudWatch to monitor EC2 instance logs for failed SSH attempts
25
course
Course - Advanced - 1h 10m
Advanced Techniques for AWS Monitoring, Metrics and Logging
This course teaches advanced techniques for logging on AWS, going beyond the basic uses of CloudWatch Metrics, CloudWatch Logs, and health monitoring systems.
26
course
Course - Intermediate - 1h 11m
How to Use KMS Key Encryption to Protect Your Data
In this course, you will learn the basics of KMS, what it will cost to implement, how to encrypt data, and more...
27
course
Course - Intermediate - 15m
How to Share CMKs Across Multiple Accounts Using AWS KMS
This course shows how to use the Key Management Service for encryption across multiple AWS accounts.
28
quiz
Quiz - Intermediate - 9m
AWS Key Management Service (KMS) Intermediate
AWS Key Management Service (KMS) Intermediate
29
course
Course - Advanced - 12m
Understanding S3 Encryption Mechanisms to Secure your Data
In this course, you'll learn about the S3 encryption and decryption process for S3 Managed Keys, KMS Managed Keys, and Customer Provided Keys.
30
lab
Hands-on Lab - Intermediate - 2h
Using Amazon Key Management Service to Encrypt S3 and EBS Data
In this lab, you'll learn about Amazon Key Management Service to encrypt S3 and EBS Data at an intermediate level. Get started today!
31
course
Course - Intermediate - 13m
Sharing Secrets Between Multiple Accounts Using AWS Secrets Manager
This course explains how to share secrets between different AWS accounts through the use of resource-based policies and AWS Secrets Manager.
32
course
Course - Intermediate - 33m
Manage Your Own Encryption Keys Using AWS CloudHSM
This course gets you started with AWS CloudHSM by giving you an overview of the basics of the service, what it is, and its use cases.
33
course
Course - Intermediate - 55m
AWS Encryption for Data Analytics
This course looks at how to secure your big data within AWS by implementing different data encryption options.
34
course
Course - Beginner - 1h 17m
Protecting Web Apps with AWS WAF, Shield & Firewall Manager
This course takes an in-depth look at AWS Web Application Firewall Service (WAF), AWS Firewall Manager and AWS Shield.
35
course
Course - Advanced - 1h 19m
AWS Virtual Private Cloud: Subnets and Routing
This course looks at how to design your AWS Virtual Private Cloud through the use of different VPC Subnet and Routing configurations.
36
lab
Hands-on Lab - Beginner - 2h 30m
Securing your VPC using Public and Private Subnets
Learn how to increment the network security creating a public and private subnet on VPC and filter traffic using network ACL
37
course
Course - Intermediate - 56m
AWS Security Best Practices: Abstract and Container Services
This course discusses the responsibility between AWS and the customer when architecting both abstract and container services
38
lab
Hands-on Lab - Beginner - 1h
Using S3 Bucket Policies and Conditions to Restrict Specific Permissions
You will learn the steps to create and apply AWS S3 Bucket Policies with embedded conditions to restrict a user's ability to perform specific functions within S3 Buckets.  
39
lab
Hands-on Lab - Beginner - 1h 20m
Query encrypted Amazon S3 data with Amazon Athena
Use Amazon Athena to query encrypted data on S3 and encrypt the query results as well.
40
course
Course - Intermediate - 38m
Intrusion Detection and Prevention on Amazon Web Services
This course covers the fundamentals of intrusion detection and prevention on Amazon Web Services.
41
labchallenge
Hands-on Lab Challenge - Advanced - 1h 15m
Code Red: Repair an AWS Environment with a Linux Bastion Host
In this lab, you will be assessing your ability to troubleshoot AWS networking and security issues in a production-like environment.
42
exam
Exam - 2h
Cert Prep: AWS Security Specialty Certification
Cert Prep: AWS Security Specialty Certification
About the Author
Students144268
Labs1
Courses121
Learning paths87

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 90+ courses relating to Cloud reaching over 140,000 students, mostly within the AWS category and with a heavy focus on security and compliance.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.