
Prepare for the AWS security specialty exam by following this course in order, covering EC2 and S3 with hands-on lessons and practice exams for full preparation.
Explore AWS Identity and Access Management (IAM) fundamentals, covering authentication, authorization, users, groups, roles, and policies, with hands-on exercises configuring the CLI and multifactor authentication.
Discover how AWS identity and access management enables authentication and authorization with users, roles, and policies. Manage access via user groups, identity-based policies, and programmatic credentials.
Learn IAM authentication methods and multi-factor authentication in AWS, differentiate console access via password from programmatic access with access keys, and cover root and IAM user MFA best practices.
Enable multi-factor authentication for an AWS user by using a virtual MFA with Google Authenticator, scanning a QR code, and entering two codes to sign in.
Explore the AWS security token service STS, comparing short-term and long-term credentials, and learn to obtain temporary credentials via assume role, SAML, and web identity for federated access.
Deepen your understanding of identity and access management by exploring identity-based and resource-based policies, implementing role-based and attribute-based access control, and examining evaluation logic and structure, including permissions boundaries.
Learn IAM policy structure in AWS by reading JSON policy statements, applying actions, effects, and resources to manage bucket-level and object-level permissions.
Learn how to implement role-based access control by creating a billing admins group, attaching the AWS managed billing policy, and adding users like Joanne to grant bill-paying permissions.
Use attribute-based access control to restrict RDS actions by policy conditions tied to department and environment tags, demonstrated through a DB Admins group, Dave, and production vs development databases.
Apply a permissions boundary to limit IAM permissions and prevent privilege escalation, ensuring users cannot exceed the administrator's access.
Learn to use the AWS policy generator to create IAM policies with granular actions for S3 and EC2, attach inline policies to a test user, and validate permissions.
Configure and enforce management policies across AWS organizations to centrally control resources and standardize configurations, backups, tagging, chat applications policies, ai services opt-out policies, and security hub practices.
Explore service control policies, comparing denial and allow list strategies, and see how explicit denies override allows while permissions flow down the OU hierarchy to govern DynamoDB, EC2, and CloudWatch.
Explore the use cases for IAM roles, leveraging AWS STS for temporary credentials, compare roles with access keys, and apply least privilege across EC2, Lambda, ECS, and cross-account access.
Explore AWS Organizations and Control Tower for centralized governance of multiple accounts, using service control policies, tag policies, and guard rails, preventive via SEPs and detective via RCPs.
Master AWS infrastructure security by examining VPC components, ACLs, security groups, Direct Connect, and VPNs, and implement host-based security for EC2. Leverage infrastructure as code for secure AWS deployments.
Explore secure VPC design, including regional structure, availability zones, subnets, route tables, internet gateways, IPv4 and IPv6, private subnets, and NAT gateways.
Create a custom vpc with public and private subnets across two availability zones and an internet gateway, manually and with the vpc wizard, understanding cidr blocks and routing.
Explore how security groups and network ACLs protect AWS resources in a VPC, comparing stateful and stateless filtering, subnet versus instance level application, and allow versus deny rules.
Configure security groups and NACLs to manage inbound and outbound traffic, test connectivity with instance connect, and explore security group chaining and stateless ACL behavior.
VPC peering creates a private network connection between two VPCs, enabling cross-account and cross-region communication with private IP addresses, non-overlapping CIDR blocks, and bi-directional routing.
Explore VPC endpoints to keep traffic private and avoid the internet. Use interface endpoints (ENI) for many AWS services and gateway endpoints for S3 and DynamoDB with route table updates.
Explore securing AWS Direct Connect with private and public virtual interfaces, VGW connectivity, and transit VIFs, and compare MacSec encryption and IPsec VPN options for end-to-end protection.
Use IAM roles for delegating to applications with short-term credentials via STS in AWS, avoiding exposure from access keys, which are long-term and tied to a user account.
Automating infrastructure as code uses templates in JSON or YAML to define resources, and CloudFormation provisions and manages them as stacks, with rollback, version control, and change sets.
Create an AWS config rule to flag security groups exposing non port 80 access and use SSM automation to remediate noncompliant resources by revoking ingress.
Explore AWS network security tools, including the VPC Reachability Analyzer, Network Access Analyzer, and Amazon Inspector, to troubleshoot connectivity, verify configurations, and enable secure application-level access with AWS Verified Access.
Identify unintended access in your VPC and verify compliance using network access analyzer. Define scopes with match conditions to report findings across network interfaces and gateways.
Learn infrastructure security across regions and availability zones, design with VPCs, subnets, security groups, and NACLs, and enable private connectivity, endpoints, and HA with NAT, VPC peering, and transit gateway.
Secure the network edge by applying Route 53 DNS routing, CloudFront caching, and protections from AWS WAF, AWS Shield, the DNS firewall, and the network firewall.
Master DNS resolution with Amazon Route 53 by creating public and private hosted zones, configuring routing policies, and distinguishing CNAME and alias records at the zone apex.
Explore how CloudFront handles SSL/TLS certificates (ACM or third-party), enables server name indication for multiple domains on one IP, and configures viewer and origin protocols across S3, ALB, and EC2.
Explore lambda at edge to run no js and python lambda functions near viewers, processing at viewer request, origin request, origin response, and viewer response to customize cloudfront content.
Explore AWS network firewall for VPC protection with stateful and stateless filtering, intrusion prevention, web filtering, and Route 53 Resolver DNS firewall, all managed across accounts by Firewall Manager.
Centralize policy management for WAF, Shield, network firewall, and Route 53 DNS firewall across an AWS organization using AWS Firewall Manager. Configure administrator accounts and auto remediation for security groups.
Explore encryption in transit and at rest with AWS Certificate Manager, KMS, and CloudHSM; apply to S3, EBS, EFS, RDS, and DynamoDB, and secure credentials with Secrets Manager, Lambda.
Contrast encryption in transit and encryption at rest, with https and load balancers, and explain asymmetric versus symmetric encryption using public/private keys and data encryption keys.
Learn how AWS Certificate Manager enables encryption in transit with SSL/TLS certificates and at rest for S3, while managing, renewing, and importing certificates for services like ELB, CloudFront, and CloudFormation.
Protect DynamoDB and RDS with encryption at rest and in transit using TLS and KMS in a VPC and gateway endpoints. Understand encryption status, backups, replicas, and changes via snapshots.
Learn how to safely retire KMS keys by disabling them to prevent cryptographic use and scheduling deletion with a seven-day waiting period, enabling recovery if needed.
Master CloudWatch for logging, monitoring, and alarms with the unified CloudWatch agent on EC2 to collect logs and system metrics, while CloudTrail enables auditing with centralized S3 logs and alerts.
Explore AWS directory services, including managed Microsoft AD, AD Connector, and simple AD, detailing high-availability domain controllers, trust relationships, group policies, single sign-on, and on-premises integration.
Enable IAM Identity Center, integrate with AWS Organizations, configure identity source and MFA, create administrator and view-only permission sets, add a group and user, assign accounts, and use access portal.
Are you ready to take your AWS Security knowledge to the next level and become an AWS Certified Security Specialist? Then this AWS Security Specialty instructor-led video course is for you! Designed for intermediate to advanced learners, this on-demand training will equip you with the knowledge and confidence you need to succeed in your SCS-C03 exam.
Your highly experienced instructor will guide you through the key concepts and best practices for securing your AWS environment. This hands-on training includes guided activities with security-specific scenarios, security deep dive lessons, and an exam-difficulty practice exam to test your progress. All the materials you need to succeed - including diagrams, code, links, files, and slides - are available for download.
You will gain a deep level of knowledge and expertise in AWS Security with the help of:
Over 9 hours of comprehensive video and hands-on lessons
Detailed presentations and diagrams
Exam cram lessons for quick revision of key facts
An complimentary practice exam to test your knowledge
A supportive community of students and instructors
This course is your key to acing the Certified Security Specialty exam! With our mixture of in-depth theory, architectural diagrams and hands-on training, you'll learn how to secure your AWS environment - fully preparing you for the SCS-C03 certification exam. With this comprehensive Udemy AWS Security Specialty training, you have everything you need to comfortably pass the SCS-C03 certification exam.
PREVIEW THIS COURSE
Watch the intro video to find out why students choose Digital Cloud Training to prepare for their AWS exams.
With our FREE previews you can see for yourself how we prepare you for the AWS Certified Specialty [SCS-C03] exam using guided AWS hands-on lessons. Check out the curriculum to see the vast amount of practical exercises combined with in-depth theoretical training.
THIS AWS SECURITY TRAINING COVERS THE FOLLOWING TOPICS IN-DEPTH:
AWS IAM User, Groups, Roles and Policies
AWS Security Token Service (STS)
Multi-Factor Authentication (MFA)
Identity-Based Policies and Resource-Based Policies
AWS Organizations and Service Control Policies (SCPs)
Use Cases for IAM Roles
AWS Directory Services, Identity Federation, AWS Single Sign-On, Amazon Cognito
Amazon VPC Security
Data Protection
Logging, Monitoring, and Compliance
Security Management and Automation
Infrastructure and Edge Security
Incident Response
TOP REASONS WHY THIS ULTIMATE EXAM PREP IS YOUR BEST CHANCE TO ACE YOUR AWS EXAM
THE ULTIMATE EXAM PREP: We’ll teach you everything you need to know (in theory and practice) to ace your exam AND secure your AWS environment in the real world
GUIDED HANDS-ON LESSONS: All hands-on lessons are backed by high-quality logical diagrams so you can visualize what you're building
EXAM CRAM LESSONS: These fast-paced slide lectures at the end of each section cover the key facts you need to know for the exam. Perfect for quick revision of the most important facts before you sit your exam
BONUS PRACTICE TEST: Our practice test is timed and scored mimicking the real exam environment so you get familiar with the real AWS exam format, style and difficulty
DETAILED EXPLANATIONS: Every question includes deep-dive reference links and detailed explanations that describe why each answer is correct or incorrect
HIGH-QUALITY VISUALS: We've spared no effort to create a highly visual training course with lots of tables and graphs to illustrate the concepts
PRESENTED IN A PROFESSIONAL WAY: Your instructor (native speaker) uses clear and easy to understand language and presents the material in a professional way - focused and to the point with professional subtitles
CERTIFICATE OF COMPLETION: Upon course completion, you get to download your Certificate of Completion issued by Udemy
ACCESS DIAGRAMS, CODE AND SLIDES: All diagrams, code and slides (optional, requires name/email) presented throughout the course are available for download in PDF format
RESPONSIVE SUPPORT: Our team of AWS experts comprehensively respond to all of your questions, concerns or feedback
ACTIVE Q&A DISCUSSION BOARD: Join the discussion on AWS related topics in our discussion forum where our students share their recent exam experience offering feedback on which topics were covered
MOBILE ACCESS: Study on the go and access all resources from your mobile phone - anywhere, anytime
LIFETIME ACCESS: Students have lifetime access to all future updates of this course
YOUR INSTRUCTOR
Hi, I'm Neal Davis, and I'm delighted to be your instructor for this course. As the founder of Digital Cloud Training, I'm deeply committed to providing top-quality AWS certification training resources. I created this comprehensive training course to help you excel in your AWS exam and achieve your professional goals. With over 20 years of hands-on experience in the Cloud space, I'm excited to share my expertise with you on Udemy.
OUR SUCCESS IN NUMBERS
Over 750,000 students enrolled in our AWS courses on Udemy
4.7-star instructor rating from over 150,000 reviews
Our students pass the AWS exam with an average score of over 85%
MONEY-BACK GUARANTEE
We are totally confident in the value of our AWS Security Specialty course which comes with a 30-day unconditional money-back guarantee. Fast-track your AWS exam success and get lifetime access now - risk-free!
ENROLL NOW
Take the first step towards advancing your cloud career and becoming an AWS Certified Security Specialist!
By enrolling in our video course, you will not only pass the AWS Certified Security Specialty exam but also gain a comprehensive understanding of AWS security. Enhance your AWS knowledge and set yourself apart in the industry by taking this AWS Certified Security Specialty exam preparation course.