Security - Specialty Certification Preparation for AWS

OverviewStepsAuthor
DifficultyAdvanced
AVG Duration33h
Students2448
Ratings
4.8/5
starstarstarstarstar-half
Content
Course Created with Sketch. 23 1 Exams Created with Sketch. 2 Labs Created with Sketch. 11 quizzes Created with Sketch. 4

Description

Overview

Designed specifically for students looking to gain a deep understanding of AWS security services, including the many different security mechanisms and techniques that AWS offers to secure your infrastructure and data from both internal and external threats and exposures. The AWS Certified Security - Specialty certification allows you to demonstrate and validate your AWS knowledge across security topics such as data protection and encryption, infrastructure security, incident response, identity and access management, monitoring and logging. With a blend of instructional courses, hands on labs, quizzes and a preparation exam, this Learning Path helps you prepare and master the AWS Certified Security - Specialty exam.

Benefits of achieving this certification

  • Cloud Security is crucial to ALL use cases
  • AWS certifications provide a reputable benchmark for AWS partners and practitioners
  • Ensures team members are following security best practices
  • Provides professional progression for team members
  • Contributes to AWS partner certification requirements

Intended Audience

This learning path is ideal for anyone interested in learning to recognize, explain, and implement solutions to enforce strict security controls across all levels of AWS infrastructure deployments.

Learning Objectives

This learning path will enable you to:

  • Understand the differences between each of the security services offered by AWS and how they can be used within your environment
  • Select the appropriate level of security based on your deployments and the sensitivity of your data using a variety of services
  • Implement the correct security services and mechanisms to meet business objectives and requirements
  • Understand how to select the most appropriate data protection techniques including encryption mechanisms
  • Implement logging and monitoring solutions to detect and analyze security vulnerabilities and weaknesses within your infrastructure

Agenda

This learning path has been designed to take you through the numerous security services along with the different security features that are available within other AWS services. 

It begins with an introduction to the most common security service that is available, Identity & Access Management (IAM). During the first few courses and labs it looks at access management and identities, both internally and externally, covering different authentication and authorization methods. 

Next it introduces a number of AWS security services related to auditing and compliance some of which are based on Machine Learning, such as Amazon GuardDuty and Amazon Macie. 

Monitoring and logging is then covered, examining how you can use the different AWS services to monitor and track log data and use it to help you find vulnerabilities. 

Next there are a number of courses and labs that look into encryption and data protection using different services and techniques. Different encryption mechanisms are covered here across a range of common AWS services. 

Application and Network security is covered next, looking at different services and techniques that can be implemented to help protect your Web Apps along with your VPC infrastructure, again from both internal and external threats. 

Finally there are a number of courses and labs covering security best practices, governance, and risk.

What's Included

Over 31 hours of high definition video, 11 hands on labs, and a final preparation exam.

Prerequistes

Prior to taking this Security Specialty certification you must have passed the AWS Practitioner certification or ANY of the AWS Associate level certifications

Feedback

We welcome all feedback so if you are unsure about where to start or if would like help getting started please direct any comments or questions to us at support@cloudacademy.com

Updates

07/06/18: Added Lab - Detecting EC2 Threats with Amazon GuardDuty

06/29/18:

Added: How to implement & enable logging Across AWS Services (Part 1 of 2)

Added: How to implement & enable logging Across AWS Services (Part 2 of 2)

09/21/18

Added: Understanding S3 Encryption Mechanisms to secure your data

Certificate

Your certificate for this learning path
lock

Learning Path Steps

1courses

This course explains AWS Identity & Access Management (IAM), what it is, and how to implement it.

2labs

Learn how to create and manage IAM users, groups and policies to securely control access to AWS services and resources.

3labs

Learn how to manage our organization using IAM Users and Groups and IAM Roles 

4exam-filled

Knowledge Check: Overview of AWS Identity and Access Management (IAM)

5courses

In this course, you'll learn about security mechanisms around AWS Authentication, Authorization, and Accounting, using a variety of services.

6quizzes

Authentication, Authorization & Accounting

7courses

This course introduces you to AWS Identity Federation and includes a demo on how to use it.

8courses

This course provides an introduction to the AWS CloudTrail service, looking at all its features and components.

9quizzes

AWS CloudTrail Intermediate

10labs

Learn how to configure and use AWS CloudTrail and CloudWatch in cooperation with each other to monitor AWS infrastructure and services. Whenever an Instance is stopped or terminated and alarm will trigger (using AWS SNS) and deliver an email notification to...

11courses

In this course, you'll learn how AWS Config allows you to have visibility of your entire AWS infrastructure from a configuration perspective.

12quizzes

AWS Config Intermediate

13labs

Compliance check using AWS Config Rules: See how AWS Config can enhance your security and compliance with AWS managed rules and custom rules with AWS Lambda

14courses

In this course, you'll learn about Amazon Inspector and its components, as well as watch a demonstration on how to configure it.

15courses

This course dives into the AWS Trusted Advisor service to explain how it works and how you can use it to benefit your AWS account.

16labs

Follow best practices with AWS Trusted Advisor auditing your AWS environment and advising you on performance, and security improvements.

17courses

This course explains how to protect your AWS accounts by using the intelligent threat detection service, Amazon GuardDuty.

18labs

Learn how to use Amazon GuardDuty to automatically uncover malicious EC2 activity and configure threat lists to improve the security of your AWS environments.

19courses

This course looks at Amazon Macie and how to customize it to gain the maximum benefit of its capabilities.

20courses

With this course, you'll get a high-level overview of how to monitor EC2, and how to react to resource changes.

21courses

In this course, you'll learn how to implement logging and monitoring across AWS Services including Amazon CloudWatch, CloudWatch Monitoring Agent, AWS CloudTrail Logs, and Amazon S3 Access Logs.

22courses

In this course, you'll learn how to implement logging and monitoring across AWS Services including Amazon CloudWatch, CloudWatch Monitoring Agent, AWS CloudTrail Logs, and Amazon S3 Access Logs.

23labs

Learn how to use CloudWatch to monitor EC2 instance logs for failed SSH attempts

24courses

This course teaches advanced techniques for logging on AWS, going beyond the basic uses of CloudWatch Metrics, CloudWatch Logs, and health monitoring systems.

25courses

In this course, you will learn the basics of KMS, what it will cost to implement, how to encrypt data, and more...

26courses

This course shows how to use the Key Management Service for encryption across multiple AWS accounts.

27quizzes

AWS Key Management Service (KMS) Intermediate

28courses

In this course, you'll learn about the S3 encryption and decryption process for S3 Managed Keys, KMS Managed Keys, and Customer Provided Keys.

29labs

In this lab, you'll learn about Amazon Key Management Service to encrypt S3 and EBS Data at an intermediate level. Get started today!

30courses

This course explains how to share secrets between different AWS accounts through the use of resource-based policies and AWS Secrets Manager.

31courses

This course gets you started with AWS CloudHSM by giving you an overview of the basics of the service, what it is, and its use cases.

32courses

This course looks at how to secure your big data within AWS by implementing different data encryption options.

33courses

This course takes an in-depth look at AWS Web Application Firewall Service (WAF), AWS Firewall Manager and AWS Shield.

34courses

This course looks at how to design your AWS Virtual Private Cloud through the use of different VPC Subnet and Routing configurations.

35labs

Learn how to increment the network security creating a public and private subnet on VPC and filter traffic using network ACL

36courses

This course discusses the responsibility between AWS and the customer when architecting both abstract and container services

37labs

You will learn the steps to create and apply AWS S3 Bucket Policies with embedded conditions to restrict a user's ability to perform specific functions within S3 Buckets.  

38labs

Use Amazon Athena to query encrypted data on S3 and encrypt the query results as well.

39courses

This course covers the fundamentals of intrusion detection and prevention on Amazon Web Services.

40

In this lab, you will be assessing your ability to troubleshoot AWS networking and security issues in a production-like environment.

41exam-filled

Cert Prep: AWS Security Specialty Certification

About the Author
Students110245
Labs1
Courses93
Learning paths62

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 80+ courses relating to Cloud reaching over 100,000 students, mostly within the AWS category and with a heavy focus on security and compliance.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.