AWS Certified Security Specialty 2019
4.2 (708 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
4,591 students enrolled

AWS Certified Security Specialty 2019

All you need to master AWS Certified Security Specialty certification.
4.2 (708 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
4,591 students enrolled
Created by Zeal Vora
Last updated 2/2019
English
English [Auto-generated]
Price: $34.99
30-Day Money-Back Guarantee
This course includes
  • 20.5 hours on-demand video
  • 11 articles
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to Udemy's top 3,000+ courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Will be prepared to give AWS Certified Security Specialty Exam
  • You will be able to Master the Security aspect of AWS

  • Gain deep insights about Enterprise grade Security implementation.

  • Will be able to detect attacks and protect the AWS infrastructure from Hackers.
Requirements
  • Basics of AWS
  • AWS Solutions Architect Associate or Equivalent Knowledge
Description

This course is specially designed for the aspirants who intend to give the AWS Certified Security Specialty 2018 certification and as well for those who wants to master the AWS Security as well.

Throughout the course, we look into various Real World scenario and look into why do website gets hacked, what could had been done to prevent it and learn the best practices related to Security for your AWS environment. 

With tons of quizzes in order to prepare you for exams, Real world scenario and great Support from our Instructor in-case of doubts, this course is all you need to master the Security side of AWS and gain the Certification.

Who this course is for:
  • Those interested in gaining the AWS Security Specialty Certification
  • Those who wants to gain deep security insights related to AWS
Course content
Expand all 161 lectures 20:28:29
+ Domain 1 - Incident Response
10 lectures 01:21:46
Introduction to Domain 1
03:18
Case Study of Hacked Server
08:05
Dealing with AWS Abuse Notice
07:28
AWS GuardDuty
08:36
Understanding Incident Response Terminology
12:41
Incident Response Use-Cases for Exams
03:00
Use Case - Dealing with Exposed Access Keys
16:26
Use Case - Dealing with compromised EC2 Instances
05:16
Incident Response in Cloud
11:32
Penetration Testing in AWS (New)
05:24
+ Domain 2 - Logging & Monitoring
30 lectures 03:46:01

In this lecture we will look into basics of hacking methodology.

Introduction to Vulnerability, Exploit, Payload
05:26
VEP Practical - Hacking inside a test farm
08:02

In this lecture, we will learn to use Automated Vulnerability Scanner to detect vulnerabilities within a target system.

Understanding Automated Vulnerability Scanners
08:23

In this lecture, we will learn about Common Vulnerabilities Exposure & Common Vulnerability Scoring Systems to understand on how vulnerability scanners really work and to identify vulnerabilities manually.

Common Vulnerabilities Exposures & CVSS
08:38

We will have an overview about the AWS Inspector and it's associated features.

Introduction to AWS Inspector
07:25
Configuring AWS Inspector
06:42

We will use AWS Inspector to run CVE based scans and compare it with Industry standards vulnerability scanners.

AWS Inspector & Nessus - CVE scans
09:04

In this lecture, we will look into 5 important best practices that needs to be followed in order to take full advantage of the VA activity.

Best Practices in Vulnerability Assessments
08:12
Overview of Layer 7 Firewalls
06:48
Understanding AWS WAF
13:06
Implementing AWS WAF with ALB
10:38
Understanding EC2 Run Command
04:45
Deploying our first RunCommand
06:36
Patch Compliance with SSM
03:38
EC2 Systems Manager - Parameter Store
08:36
Understanding CloudWatch Logs
04:15
Pushing Linux system logs to CloudWatch
07:52
CloudWatch Events
09:07
AWS Athena
12:14
Athena - Code Samples
00:15
Overview of AWS CloudTrail
09:28
Improved Governance - AWS Config 01
13:46
Improved Governance - AWS Config 02
09:16
Trusted Advisor
08:47
CloudTrail - Log File Integrity Validation
08:40
Document - S3 Log File Validation
00:02
Digest Delivery Times
02:17
Overview of AWS Macie (New)
08:47
Creating our First Alert with AWS Macie (New)
07:52
S3 Event Notification
07:24

This quiz is intend to prepare you for exam for topics which includes the Monitoring Services.

Security Logging & Monitoring Quiz
2 questions
+ Domain 3 - Infrastructure Security
44 lectures 06:07:02
Implementing Bastion Hosts
11:31
OpenVPN is Awesome
05:12
OpenVPN - Part 02
03:19
Overview of AWS VPN Tunnels
07:08
Using AWS VPN for On-Premise to AWS connectivity
09:26
Configuring first IPSec tunnel with OpenSwan - Part 01
13:49
Configuring first IPSec tunnel with OpenSwan - Part 02
04:43
Inter-Region VPC Peering
07:40
VPC Endpoints
13:11
Transit VPC
07:04
VPC Flow Logs
14:06
Network ACL
09:17
Understanding Stateful vs Stateless Firewalls
13:48
Understanding Networking Sockets
11:07
Revising Security Groups
04:51
Connection of Security Group & NIC Cards
06:29
Egress Rules - The Real Challenge
12:38
IPTABLES & Instance Metadata
11:57
IDS / IPS in AWS
05:22
EBS Architecture & Secure Data Wiping
13:48
Introduction to Reverse Proxies
10:15
Understanding the Content Delivery Networks
05:31
Understanding Edge Locations
07:47
Deploying Cloudfront Distribution - Part 01
10:53
Understanding the Origin Access Identity
06:30
Understanding importance of SNI in TLS protocol
09:26
CloudFront Signed URL - 01
06:53
CloudFront Signed URL - 02
09:55
Real World example on DOS Implementation
08:42
AWS Shield
04:17
Mitigating DDOS Attacks
09:50
Document - DDoS References
00:00
Introduction to Application Programming Interface (API)
15:30
Understanding the working of API
09:54
Building Lambda Function for our API
04:18
Building our first API with API Gateway
06:03
API Gateway - Important Pointers for Exams
04:56
Lambda & S3
06:14
EC2 Key-Pair Troubleshooting
11:03
EC2 Tenancy Attribute
05:58
AWS Artifact
03:23
Lambda@Edge
10:58
AWS Simple Email Service (SES) (New)
06:25
+ Domain 4 - Identity & Access Management
37 lectures 05:25:53
Understanding AWS Organizations
06:40
AWS Organizations - Practical
08:34
IAM Policy Evaluation Logic
11:57
Understanding IAM Policies
15:25
IAM Policies - Part 02
11:56
Delegation - Cross Account Trust - Part 1
07:17
Delegation - Cross Account Trust - Part 2
10:02
Cross Account IAM Policy Document
00:03
Revising AWS CLI
11:54
Revising IAM Role
11:32
EC2 Instance Meta-Data
08:13
Understanding working of an IAM role
08:03
AWS Security Token Service
07:46
AWS STS - Migrating the EC2 Role Credentials - Part 2
04:21
AWS STS - Architecturing IAM user keys the right way - Part 3
16:55
AWS STS - Automate the temporary credentials - Part 4
04:27
Understanding Federation - Part 01
06:30
Understanding Federation - Part 02
08:10
Understanding SAML for SSO
14:38
Capturing SAML Assertion Packets with Tracer
07:19
Establishing trust between IdP and SP
20:32
Choosing a right IdP
06:15
AWS Cognito
11:57
Introduction to AWS Directory Service
10:51
Understanding Active Directory
04:19
Deploy our first SimpleAD based directory service
04:16
Domain Joining EC2 instance with Directory Service
09:17
IAM & S3
11:09
S3 Bucket Policies
07:31
Bucket Policy Document - Condition based on IP Address
00:07
Cross Account S3 Bucket Configuration
11:11
Document - Cross Account S3 Bucket Policy
00:06
Canned ACL's
09:27
Understanding Signed URL's
13:47
S3 - Versioning
06:02
S3 - Cross Region Replication
07:37
IAM Permission Boundaries (New)
09:47
+ Domain 5 - Data Protection
34 lectures 03:04:02
Introduction to Cryptography
12:14
Plain Text vs Encrypted Text Based Algorithms
07:07
CloudHSM
06:36
AWS Key Management Service
09:14
AWS Key Management Service - Part 02
08:20
AWS Key Management Service - Part 03
07:26
AWS Key Management Service - Data Key Caching
09:26
AWS Key Management Service - Scheduled CMK Deletion
03:59
AWS Key Management Service - CMK Deletion & EBS Use-Case
04:51
Reducing Risk of Unmanageable CMK
03:21
KMS - Authentication and Access Control
05:34
KMS Policy Evaluation Logic - Use Case Solution - 01
03:01
Document - KMS Use Case 01
00:25
KMS Policy Evaluation Logic - Use Case Solution - 01
04:25
KMS Policy Evaluation Logic - Use Case 02
01:56
Document - KMS Use Case 02
00:18
KMS Policy Evaluation Logic - Use Case Solution - 02
03:08
KMS Policy Evaluation Logic - Use Case - 03
00:44
Document - KMS Use Case 03
00:19
KMS Policy Evaluation Logic - Use Case Solution - 03 (New)
01:41
KMS Grants
12:08
Document - KMS Grants Commands
00:11
Importing Key Material to KMS
07:45
Document - Imported Key Material Commands
00:05
S3 Encryption
11:55
Revising ELB Listener Configuration
08:41
ELB Listeners - Understanding HTTP vs TCP Listeners
08:59
Understanding AWS Certificate Manager
05:22
Deploying SSL/TLS certificate with ACM
03:07
Configuring ELB with HTTPS for SSL Offloading
04:54
Glacier Vault
07:46
DynamoDB Encryption
02:57
Overview of AWS Secrets Manager
05:59
RDS Integration with AWS Secrets Manager
10:07

This quiz will check your skills related to Cryptograrphy and various AWS Services which deals with it like KMS, CloudHSM.

Quiz to prepare for Cryptography aspect in exam
2 questions
+ Important points for Exams
5 lectures 39:20
Important Pointers - Domain 1
06:01
Important Pointers - Domain 2
08:28
Important Pointers - Domain 3
09:33
Important Pointers - Domain 4
06:13
Important Pointers - Domain 5
09:05