08-06-2023, 07:17 PM
Last updated 7/2023
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 18.55 GB | Duration: 34h 7m
All-In-One Course to CLEAR the AWS Certified Security Specialty certification (SCS-C02)
What you'll learn
PASS the AWS Certified Security Specialty certification (SCS-C02)
ALL 1000+ Slides available to download.
Gain DEEP insights about Enterprise grade Security implementation.
DETECT attacks and PROTECT the AWS infrastructure from Hackers.
Requirements
Basics of AWS
AWS Solutions Architect Associate or Equivalent Knowledge
Description
AWS Certified Security - Specialty certification is one of the widely recognized security certifications across the industry. With the number of security breaches increasing every year, there is a huge demand for individuals who understands the security side of things, specifically Cloud-based Infrastructures.This course is specially designed for the aspirants who intend to give the AWS Certified Security Specialty 2023 certification as well for those who want to master the security side of AWS.Throughout the course, we explore various Real World scenarios and look into why do website gets hacked, what could have been done to prevent it, and learn the best practices related to Security for your AWS environment.Since this is a Specialty level certification, it is very important that the candidate has a prior hands-on experience in AWS, and this also acts as a pre-requisite to this certification. We do start our journey into the security side of things from scratch.With tons of quizzes in order to prepare you for exams, Real-world scenarios, and great Support from our Instructor in-case of doubts, this course is all you need to master the Security side of AWS and gain the certification.I look forward to seeing you join us in this exciting journey on AWS Security.
Overview
Section 1: Getting started with the course
Lecture 1 Introduction to the Course
Lecture 2 Insights into AWS Security Specialty Exam Blueprint
Lecture 3 Document - Exam Blueprint PDF
Lecture 4 Important Course Resources
Lecture 5 PPT-Notes for Course
Lecture 6 Our Community
Section 2: Domain 1 - Threat Detection and Incident Response
Lecture 7 Case Study of Hacked Server
Lecture 8 AWS Abuse Reports
Lecture 9 Overview of Amazon GuardDuty
Lecture 10 Amazon GuardDuty Practical
Lecture 11 Malware Scan in Amazon GuardDuty
Lecture 12 Malware Scanning Practical
Lecture 13 Whitelisting Alerts in AWS GuardDuty
Lecture 14 Document - GuardDuty Alert Lists
Lecture 15 Centralized Dashboards for GuardDuty Findings
Lecture 16 Incident Response
Lecture 17 Scenario - Exposed IAM Access/Secret Keys in GitHub
Lecture 18 Document - Deny Based IAM Policy
Lecture 19 Use Case - Dealing with Exposed Access Keys - NEW
Lecture 20 Document - Reference Data
Lecture 21 Use Case - Dealing with compromised EC2 Instances
Lecture 22 Amazon Detective
Lecture 23 Incident Response in Cloud
Lecture 24 Penetration Testing in AWS (New)
Section 3: Domain 2 -Security Logging and Monitoring
Lecture 25 Introduction to Vulnerability, Exploit, Payload
Lecture 26 VEP Practical - Hacking inside a test farm
Lecture 27 Overview of Amazon Inspector
Lecture 28 AWS Inspector Vulnerability Scans
Lecture 29 Common Vulnerabilities Exposures & CVSS - NEW
Lecture 30 AWS Security Hub
Lecture 31 Overview of Layer 7 Firewalls
Lecture 32 Understanding AWS WAF
Lecture 33 Deploying AWS WAF
Lecture 34 Overview of AWS Systems Manager
Lecture 35 Configure SSM Agent
Lecture 36 Overview of Sessions Manager
Lecture 37 SSM - Run Command
Lecture 38 Overview of Patch Manager
Lecture 39 Parameter Store
Lecture 40 Systems Manager Automation
Lecture 41 Systems Manager Inventory
Lecture 42 Creating our First Inventory in SSM
Lecture 43 Overview of Unified CloudWatch Agent
Lecture 44 Unified CloudWatch Agent - Practical
Lecture 45 Document - Unified CloudWatch Agent
Lecture 46 CloudWatch Logs Insights
Lecture 47 CloudWatch Metric Filters
Lecture 48 CloudWatch Subscription Filters
Lecture 49 Amazon EventBridge
Lecture 50 Amazon Athena
Lecture 51 Revising AWS Config
Lecture 52 Revising AWS Config - Practical
Lecture 53 AWS Config Aggregator
Lecture 54 Configuring Config Aggregator
Lecture 55 Remediating Non-Compliant Config Rules with SSM Automation
Lecture 56 Remediating Non-Compliant Config Rules with SSM Automation - Practical
Lecture 57 Understanding CloudTrail
Lecture 58 Creating First CloudTrail Trail
Lecture 59 CloudTrail Event Types
Lecture 60 CloudTrail - Log File Integrity Validation
Lecture 61 Document - S3 Log File Validation
Lecture 62 Digest Delivery Times
Lecture 63 Overview of Amazon Macie
Lecture 64 Detecting Sensitive Files with Macie
Lecture 65 S3 Event Notification
Lecture 66 Revising VPC Flow Logs
Lecture 67 VPC Flow Logs In-Detail
Lecture 68 Centralized Logging Architecture
Lecture 69 Cross-Account Logging for CloudTrail
Lecture 70 Document - Centralized Logging Policy
Lecture 71 Considerations - S3 Bucket Policy for Cross Account CloudTrail
Lecture 72 Document - Conditional S3 Bucket Policy for CloudTrail
Lecture 73 AWS SNS
Lecture 74 Streaming Data & Amazon Kinesis
Lecture 75 Amazon Kinesis Service Offerings
Lecture 76 Amazon CodeGuru
Section 4: Domain 3 - Infrastructure Security
Lecture 77 VPC Reachability Analyzer
Lecture 78 Network Access Analyzer
Lecture 79 VPC Traffic Mirroring
Lecture 80 VPC Traffic Mirroring Practicals
Lecture 81 Bastion Hosts & SSH Agent Forwarding
Lecture 82 Document - Commands for SSH Agent Forwarding
Lecture 83 Introduction to Virtual Private Networks
Lecture 84 Understanding AWS Client VPN Endpoints
Lecture 85 Creating Client VPN Endpoints
Lecture 86 Document - Commands to Setup ClientVPN Endpoint
Lecture 87 Overview of AWS VPN Tunnels
Lecture 88 VPC Peering
Lecture 89 Overview of VPC Endpoints
Lecture 90 Implementing Gateway VPC Endpoints
Lecture 91 VPC Endpoint Policies
Lecture 92 Overview of Interface VPC Endpoints
Lecture 93 Implementing Interface Endpoints
Lecture 94 Overview of VPC Endpoint Services
Lecture 95 Overview of Transit Gateways
Lecture 96 Base Transit Gateway Concepts
Lecture 97 Transit Gateway Practical
Lecture 98 Understanding Direct Connect
Lecture 99 MAC Security
Lecture 100 Network ACLs
Lecture 101 NACL - Rule Ordering
Lecture 102 Understanding Stateful vs Stateless Firewalls
Lecture 103 IDS / IPS in AWS
Lecture 104 Understanding the Content Delivery Networks
Lecture 105 Demo - CloudFront Distribution
Lecture 106 Understanding Edge Locations
Lecture 107 Deploying CloudFront Distribution
Lecture 108 Overview of Origin Access Identity
Lecture 109 Implementing OAC in CloudFront
Lecture 110 Document - S3 Policy for OAC
Lecture 111 Overview of CloudFront Signed URLs
Lecture 112 Implementing CloudFront Signed URLs
Lecture 113 Field Level Encryption in CloudFront
Lecture 114 Real World example on DOS Implementation
Lecture 115 AWS Shield
Lecture 116 Mitigating DDOS Attacks
Lecture 117 Document - DDoS References
Lecture 118 Revising the Basics of API
Lecture 119 Introduction to API Gateway
Lecture 120 REST APIs vs HTTP APIs
Lecture 121 Creating HTTP API
Lecture 122 Creating REST APIs
Lecture 123 API Keys and Usage Plans
Lecture 124 Lambda & S3
Lecture 125 EC2 Key-Pair Troubleshooting
Lecture 126 EC2 Tenancy Attribute
Lecture 127 AWS Artifact
Lecture 128 Lambda@Edge
Lecture 129 Lambda@Edge Demo
Lecture 130 DNS Attributes in VPC
Lecture 131 DNS Query Logging
Lecture 132 Implementing Route53 Query Logging
Lecture 133 Overview of Network Firewall
Lecture 134 Important Note - Billing
Lecture 135 Deploying Network Firewall
Lecture 136 Elastic Network Interface
Lecture 137 Bring Your Own IP
Lecture 138 AWS SES
Lecture 139 Sending Email through SES
Lecture 140 Types of SES Credentials
Lecture 141 SES SMTP Endpoint
Lecture 142 Overview of EC2 Image Builder
Lecture 143 Building Image Pipeline with EC2 Image Builder
Section 5: Domain 4 - Identity and Access Management
Lecture 144 Overview of AWS Organizations
Lecture 145 Creating our first AWS Organization & SCP
Lecture 146 Organizational Unit (OU) in AWS organization
Lecture 147 Strategies for using SCPs
Lecture 148 Switching from Deny List to Allow List SCPs
Lecture 149 Document - SCP AllowList Policy
Lecture 150 IAM Policy Evaluation Logic
Lecture 151 Identity and Resource Based Policies
Lecture 152 Understanding IAM Policies
Lecture 153 IAM Policies - Part 02
Lecture 154 Identity Account Architecture
Lecture 155 Creating Cross-Account IAM Roles
Lecture 156 Cross Account IAM Policy Document
Lecture 157 External ID in Delegation
Lecture 158 EC2 Instance Meta-Data
Lecture 159 Revising IAM Role
Lecture 160 Understanding working of an IAM role
Lecture 161 IPTABLES & Instance Meta-Data
Lecture 162 Document - Commands
Lecture 163 IAM - Version Element
Lecture 164 IAM Policy Variables
Lecture 165 Document - IAM Policy Variable
Lecture 166 Principal and NotPrincipal Element
Lecture 167 Document - Resource Policy for Principal Element
Lecture 168 Implementing NotPrincipal Element
Lecture 169 Document - NotPrincipal S3 Bucket Policy
Lecture 170 Conditionl Element
Lecture 171 Document - Condition Policy Examples
Lecture 172 AWS Security Token Service
Lecture 173 Federation
Lecture 174 Understanding SAML for SSO
Lecture 175 Understanding Active Directory
Lecture 176 Introduction to AWS Directory Service
Lecture 177 Trusts in Active Directory
Lecture 178 Overview of IAM Identity Center
Lecture 179 IAM Identity Center Concepts
Lecture 180 IAM Identity Center Practicals
Lecture 181 Amazon Cognito
Lecture 182 S3 Bucket Policies
Lecture 183 Bucket Policy Document
Lecture 184 Regaining Access to Locked S3 Bucket
Lecture 185 Bucket Policy Document - Deny Statements
Lecture 186 Cross Account S3 Bucket Configuration
Lecture 187 Document - Cross Account S3 Bucket Policy.
Lecture 188 Canned ACLs
Lecture 189 Document - Canned ACLs Commands
Lecture 190 Understanding Presigned URLs
Lecture 191 S3 Versioning
Lecture 192 S3 Batch Operations
Lecture 193 S3 - Cross Region Replication
Lecture 194 S3 Object Lock
Lecture 195 S3 Inventory
Lecture 196 S3 Inventory Practical
Lecture 197 S3 - Server Access Logging
Lecture 198 Server Access Logging Practical
Lecture 199 S3 - Cross Account Replication
Lecture 200 Cross Account Replication Practical
Lecture 201 Document - Bucket Policy for Cross Account Replication
Lecture 202 MFA Protected API Access
Lecture 203 Document - MFA CLI Commands
Lecture 204 IAM Permission Boundaries
Lecture 205 IAM and S3
Lecture 206 Document - IAM Policies
Lecture 207 Troubleshooting IAM Policies
Lecture 208 Document - Troubleshooting Policies
Lecture 209 Troubleshooting Answers - Solution 01
Lecture 210 Troubleshooting Answers - Solution 02
Lecture 211 Troubleshooting Answers - Solution 03
Lecture 212 Troubleshooting Answers - Solution 04
Lecture 213 Troubleshooting Answers - Solution 05
Lecture 214 IAM Service Role and Pass Role
Lecture 215 Document Code - Pass Role Policy
Lecture 216 Attribute-Based Access Control
Lecture 217 Document - ABAC Policy
Lecture 218 Amazon WorkMail
Lecture 219 IAM Access Analyzer
Lecture 220 Generating Findings on Shared Resources
Lecture 221 IAM Access Advisor
Section 6: Domain 5 - Data Protection
Lecture 222 Introduction to Cryptography
Lecture 223 Understanding communication Protocols
Lecture 224 Plain Text vs Encrypted Text Based Protocols
Lecture 225 AWS CloudHSM
Lecture 226 Important Pointers - CloudHSM
Lecture 227 AWS Key Management Service
Lecture 228 Creating our first Customer Managed Key (CMK)
Lecture 229 Document - CMKs References
Lecture 230 Envelope Encryption with KMS
Lecture 231 Schedule Key Deletion
Lecture 232 KMS Key Categories
Lecture 233 Overview of Asymmetric Key Encryption
Lecture 234 Asymmetric Keys with KMS
Lecture 235 Document - Asymmetric Encryption Commands
Lecture 236 Digital Signing with KMS
Lecture 237 Document - Digital Signing with KMS Commands
Lecture 238 AWS Key Management Service - Data Key Caching
Lecture 239 AWS Key Management Service - CMK Deletion & EBS Use-Case
Lecture 240 Access Control in KMS
Lecture 241 Importance of Default Key Policy
Lecture 242 Reducing Risk of Unmanageable CMK
Lecture 243 KMS Policy Evaluation Logic - Use-Case 1
Lecture 244 Document - KMS Use-Case 1
Lecture 245 KMS Policy Evaluation Logic - Use Case Solution - 01
Lecture 246 KMS Policy Evaluation Logic - Use Case 2
Lecture 247 Document - KMS Use Case 02
Lecture 248 KMS Policy Evaluation Logic - Use Case 02 Solution
Lecture 249 KMS Policy Evaluation Logic - Use Case - 3
Lecture 250 Document - KMS Use Case 03
Lecture 251 KMS Policy Evaluation Logic Solution - Use Case 3
Lecture 252 KMS Grants
Lecture 253 Document - KMS Grants Commands
Lecture 254 Importing Key Material to KMS
Lecture 255 Document - Imported Key Material Commands
Lecture 256 KMS ViaService
Lecture 257 Document - KMS ViaService Policy
Lecture 258 Migrating Encrypted KMS Data Across Regions
Lecture 259 Multi-Region KMS
Lecture 260 Benefits of CloudHSM over KMS
Lecture 261 S3 Encryption
Lecture 262 Load Balancing in AWS
Lecture 263 OSI Model & AWS ELB
Lecture 264 Classic Load Balancers
Lecture 265 Overview of Application Load Balancers
Lecture 266 Listener and Target Groups
Lecture 267 ALB Practicals
Lecture 268 Network Load Balancers
Lecture 269 ELB Access Logs
Lecture 270 Client IP Preservation
Lecture 271 Understanding HTTPS Connections
Lecture 272 Overview of AWS Certificate Manager
Lecture 273 Issuing Certificates with ACM
Lecture 274 HTTPS Listeners in ELB
Lecture 275 Glacier Vault and Vault Lock
Lecture 276 DynamoDB Encryption
Lecture 277 Encryption Context in KMS
Lecture 278 Document - Encrypted Context Commands
Lecture 279 Overview of AWS Secrets Manager
Lecture 280 Creating our First Secret in Secrets Manager
Lecture 281 Rotating Secrets
Lecture 282 Overview of Route53 Resolver
Lecture 283 Route53 Resolver DNS Firewall
Lecture 284 Configuring Route53 DNS Firewall
Lecture 285 DNS Firewall VPC Configuration Options
Lecture 286 DNS Cache Poisoning Attack
Lecture 287 Document - External Link
Lecture 288 Overview of DNSSEC
Lecture 289 PCAP Files - DNS and DNSSEC
Lecture 290 Configuring DNSSEC in Route53
Lecture 291 AWS Signer
Lecture 292 Integrating Signer with Lambda
Lecture 293 Overview of EBS Snapshots
Lecture 294 EBS Encryption
Lecture 295 Enabling Encryption by Default
Lecture 296 EBS Encryption Scenerios
Lecture 297 Encrypted EBS Snapshot Sharing
Lecture 298 Overview of Elastic File System (EFS)
Lecture 299 Creating and Mounting EFS in EC2
Lecture 300 Document - EFS Commands
Lecture 301 EFS File System Policies
Lecture 302 Data Encryption in EFS
Lecture 303 Enforcing In-Transit Encryption in EFS
Lecture 304 IAM Authentication in EFS
Lecture 305 Document - IAM Policy
Lecture 306 Overview of AWS Backup
Lecture 307 Creating Backup Plan
Section 7: Domain 6 - Management and Security Governance
Lecture 308 Resource Access Manager
Lecture 309 VPC Sharing in AWS
Lecture 310 AWS Control Tower
Lecture 311 Firewall Manager
Lecture 312 Trusted Advisor
Lecture 313 Overview of Service Catalog
Lecture 314 Creating Product and Portfolio in Service Catalog
Lecture 315 Document Code - AWS Service Catalog
Lecture 316 AWS Cost Explorer
Section 8: Important points for Exams
Lecture 317 Our Community
Those interested in gaining the AWS Security Specialty Certification,Those who wants to gain deep security insights related to AWS
Buy Premium Account From My Download Links & Get Fastest Speed.