CloudAcademy

Security - Specialty Certification Preparation for AWS

OverviewStepsAuthor
DifficultyAdvanced
Duration32h 58m
Students280

Description

Overview

Designed specifically for students looking to gain a deep understanding of AWS security services, including the many different security mechanisms and techniques that AWS offers to secure your infrastructure and data from both internal and external threats and exposures. The AWS Certified Security - Specialty certification allows you to demonstrate and validate your AWS knowledge across security topics such as data protection and encryption, infrastructure security, incident response, identity and access management, monitoring and logging. With a blend of instructional ...

arrow-down Read more

Certificate

Your certificate for this learning path
lock

Learning Path Steps

1 courses

This course looks at one of the key Security services within AWS, Identity & Access Management, commonly referred to IAM. This service manages identities and their permissions that are able to access your AWS resources and so understanding how this service ...

2 labs

Learn how to create and manage IAM users, groups and policies to securely control access to AWS services and resources.

3 labs

Learn how to manage our organization using IAM Users and Groups and IAM Roles 

4 courses

Cloud Security is a huge topic, mainly because it has so many different areas of focus. This course focuses on three areas that are fundamental, AWS Authentication, Authorisation and Accounting. These three topics can all be linked together and having an u...

5 courses

Course Description: AWS Identity Federation is the concept of using external authorization sources to permit access to AWS Console and AWS Resources. Identity Federation comes is multiple levels that enables the use of existing directories or SAML to ensur...

6 courses

Any information that helps to secure your Cloud infrastructure is of significant use to security engineers and architects, with AWS CloudTrail you have the ability to capture all AWS API calls made by users and/or services. Whenever an API request is made ...

7 labs

Learn how to configure and use AWS CloudTrail and CloudWatch in cooperation with each other to monitor AWS infrastructure and services. Whenever an Instance is stopped or terminated and alarm will trigger (using AWS SNS) and deliver an email notification to...

8 courses

With the ever-changing nature of Cloud Computing in AWS, through the use of Auto Scaling, and self-healing architecture mechanisms, having visibility and awareness of your AWS resources is invaluable. It can be difficult to understand what your resources wi...

9 labs

Compliance check using AWS Config Rules: See how AWS Config can enhance your security and compliance with AWS managed rules and custom rules with AWS Lambda

10 courses

With the ever increasing threats of attacks against the integrity, confidentiality, and availability of your data within your organization, the need to ensure strict security procedures and processes is paramount and learn how to use Amazon Inspector is key...

11 courses

Course Description: Trying to ensure that your AWS infrastructure remains optimized at all times can be a daunting task.  By the very nature of AWS, your infrastructure is likely to be very fluid with the different resources used across your entire AWS acc...

12 labs

Follow best practices with AWS Trusted Advisor auditing your AWS environment and advising you on performance, and security improvements.

13 courses

Course Description During AWS re:Invent 2017, AWS launched their 11th security service in the on-going drive to help its customers protect and secure their applications, environments, and accounts. This service was Amazon GuardDuty, a regionally based, int...

14 labs

Lab Overview Amazon GuardDuty continuously monitors and identifies threats by analyzing several types of activity in your AWS account and any invited member accounts that you link to. GuardDuty can notify you of a wide variety of threats including unauthor...

15 courses

Course Description Amazon Macie was launched in the summer of 2017, much to the delight of cloud security engineers. Amazon Macie is a powerful security and compliance service that provides an automatic method to detect, identify, and classify data within ...

16 courses

Course Description: CloudWatch is a monitoring service for cloud resources in the applications you run on Amazon Web Services. CloudWatch can collect metrics, set and manage alarms, and automatically react to changes in your AWS resources. Amazon Web Servi...

17 courses

Course Description This course is part 1 of a 2 part course series which focuses on a number of key AWS services and how they perform logging and monitoring across your environment.  Being able to monitor data provides a number of key benefits to your or...

18 courses

Course Description This course is part 2 of a 2 part course series which focuses on a number of key AWS services and how they perform logging and monitoring across your environment.  Being able to monitor data provides a number of key benefits to your or...

19 labs

Learn how to use CloudWatch to monitor EC2 instance logs for failed SSH attempts

20 courses

Modern AWS cloud deployments are increasingly distributed systems, comprising of many different components and services interacting with each other to deliver software. In order to ensure quality delivery, companies and DevOps teams need more sophisticated ...

21 courses

Course Description Unencrypted data can be read and seen by anyone who has access to it, and data stored at-rest or sent between two locations, in-transit, is known as ‘plaintext’ or ‘cleartext’ data.  The data is plain to see and can be seen and under...

22 courses

Course Description We have all seen in the media numerous occurrences whereby large international organizations have had their data exposed and leaked that had been stored on S3.  Any sensitive data stored in the cloud MUST be encrypted, and when stori...

23 labs

In this lab, you'll learn about Amazon Key Management Service to encrypt S3 and EBS Data at an intermediate level. Get started today!

24 courses

Course Description: AWS CloudHSM is the name of Amazon’s original encryption key solution. HSM stands for Hardware Security Module and in the solution provided by AWS is a Safenet Luna appliance hosted at AWS. The appliance is single tenant and exclusive t...

25 courses

Resources mentioned throughout this course: Cloud Academy Courses: Amazon Web Services: Key Management Services (KMS) Working with Amazon Kinesis Getting started with AWS CloudHSM AWS Resources: Configuring HDFS Transparent Encryption in Amazon ...

26 courses

Security is one of the hottest topics within the cloud industry right now, mostly due to uncertainty and a lack of understanding when it comes to knowing how to secure the cloud really is. With this in mind, public cloud vendors focus massive effort and res...

27 courses

Description Creating and configuring a Virtual Private Cloud (VPC) within AWS can be a simple or difficult process. It all very much depends on the complexity of your requirements. For example, how many subnets and hosts will you require? will you be using...

28 labs

Learn how to increment the network security creating a public and private subnet on VPC and filter traffic using network ACL

29 courses

When implementing different AWS services and architecting them within your environments, whether it be production, test or dev, do you know your security responsibilities for these services? It is very likely that you are using services from three differen...

30 labs

You will learn the steps to create and apply AWS S3 Bucket Policies with embedded conditions to restrict a user's ability to perform specific functions within S3 Buckets.  

31 labs

Use Amazon Athena to query encrypted data on S3 and encrypt the query results as well.

32 courses

In the last decade the nature and complexity of security attacks have increased tremendously. From simple attacks, which focused on hacking exposed web pages; we have evolved to stealthy attacks, which focus on the hacker staying hidden for years on end ins...

33 courses

Course Description: In this course we will discuss the fundamentals of Intrusion Detection and Prevention on Amazon Web Services. We will explore the difference between IDS and IPS, and the difference between host-based Intrusion Prevention, and Network ba...

34 exam-filled

AWS Security Specialty Certification - Preparation exam

About the Author

Students35498
Labs1
Courses39
Learning paths13

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data centre and network infrastructure design, to more recently cloud architecture and implementation.

He is a Certified Data Centre Design Professional (CDCDP), with his latest achievements gained within the Amazon Web Services (AWS) field.

He currently holds the AWS Certified Solutions Architect - Associate certification as well as accreditations as an AWS Business and Technology Professional and in TCO and Cloud Economics.

In January 2016 Stuart was awarded 'Expert of the Year Award 2015' from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.