AWS Certified Security Specialty 2020
4.4 (2,066 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
11,629 students enrolled

AWS Certified Security Specialty 2020

All you need to master AWS Certified Security Specialty certification.
Bestseller
4.4 (2,066 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
11,629 students enrolled
Created by Zeal Vora
Last updated 4/2020
English
English [Auto-generated], French [Auto-generated]
Price: $34.99
30-Day Money-Back Guarantee
This course includes
  • 24 hours on-demand video
  • 30 articles
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Will be prepared to give AWS Certified Security Specialty Exam
  • You will be able to Master the Security aspect of AWS
  • Gain deep insights about Enterprise grade Security implementation.
  • Will be able to detect attacks and protect the AWS infrastructure from Hackers.
Requirements
  • Basics of AWS
  • AWS Solutions Architect Associate or Equivalent Knowledge
Description

This course is specially designed for the aspirants who intend to give the AWS Certified Security Specialty 2020 certification and as well for those who want to master the AWS Security as well.

Throughout the course, we look into various Real World scenario and look into why do website gets hacked, what could have been done to prevent it and learn the best practices related to Security for your AWS environment. 

With tons of quizzes in order to prepare you for exams, Real-world scenarios and great Support from our Instructor in-case of doubts, this course is all you need to master the Security side of AWS and gain the Certification.

Who this course is for:
  • Those interested in gaining the AWS Security Specialty Certification
  • Those who wants to gain deep security insights related to AWS
Course content
Expand all 209 lectures 23:59:01
+ Domain 1 - Incident Response
14 lectures 01:39:27
Introduction to Domain 1
03:18
Case Study of Hacked Server
08:05
Dealing with AWS Abuse Notice
07:28
AWS GuardDuty
10:10
Whitelisting Alerts in AWS GuardDuty
08:32
Document - GuardDuty Alert Lists
00:00
Centralized Dashboards for GuardDuty Findings
05:53
Understanding Incident Response Terminology
12:41
Incident Response Use-Cases for Exams
03:00
Use Case - Dealing with Exposed Access Keys
16:26
Use Case - Dealing with compromised EC2 Instances
05:16
Incident Response in Cloud
11:32
Penetration Testing in AWS (New)
06:56
Quiz - Domain 1: Incident Response
7 questions
Notes - Domain 1
00:10
+ Domain 2 - Logging & Monitoring
38 lectures 04:57:39

In this lecture we will look into basics of hacking methodology.

Introduction to Vulnerability, Exploit, Payload
05:57
VEP Practical - Hacking inside a test farm
08:02

In this lecture, we will learn to use Automated Vulnerability Scanner to detect vulnerabilities within a target system.

Understanding Automated Vulnerability Scanners
08:23

In this lecture, we will learn about Common Vulnerabilities Exposure & Common Vulnerability Scoring Systems to understand on how vulnerability scanners really work and to identify vulnerabilities manually.

Common Vulnerabilities Exposures & CVSS
08:38

We will have an overview about the AWS Inspector and it's associated features.

Introduction to AWS Inspector
06:49
AWS Inspector Vulnerability Scans
10:34
AWS Security Hub
09:19
Overview of Layer 7 Firewalls
06:48
Understanding AWS WAF
13:00
Implementing AWS WAF with ALB
15:53
Overview of AWS Systems Manager
07:42
Configuring SSM Agent
06:36
Overview of Sessions Manager
06:35
SSM - Run Command
07:25
Overview of Patch Manager
09:12
Implementing Compliance and Patch Baselines
10:02
EC2 Systems Manager - Parameter Store
06:37
Understanding CloudWatch Logs
09:33
Pushing Linux system logs to CloudWatch
10:33
Document - CloudWatch Logs Policies
00:15
CloudWatch Events
09:07
AWS Athena
12:14
Athena - Code Samples
00:15
Overview of AWS CloudTrail
09:28
Improved Governance - AWS Config 01
13:46
Improved Governance - AWS Config 02
09:16
Trusted Advisor
08:47
CloudTrail - Log File Integrity Validation
08:40
Document - S3 Log File Validation
00:02
Digest Delivery Times
02:17
Overview of AWS Macie (New)
08:47
Creating our First Alert with AWS Macie (New)
07:52
S3 Event Notification
07:24
VPC Flow Logs
14:06
Centralized Logging Architecture
09:09
Cross-Account Logging for CloudTrail and Config
08:23
Document - Centralized Logging Policy
00:12
Quiz - Domain 2: Logging & Monitoring
20 questions
Notes - Domain 2
00:00
+ Domain 3 - Infrastructure Security
50 lectures 06:15:56
Implementing Bastion Hosts
11:31
OpenVPN is Awesome
05:12
OpenVPN - Part 02
03:19
Overview of AWS VPN Tunnels
07:08
Using AWS VPN for On-Premise to AWS connectivity
09:26
Configuring first IPSec tunnel with OpenSwan - Part 01
13:49
Configuring first IPSec tunnel with OpenSwan - Part 02
04:43
VPC Peering
08:08
VPC Endpoints
13:11
VPC Endpoints - Architectural Perspective
06:11
Gateway VPC Endpoints - Access Control
06:11
Gateway Endpoint ACL (Resource)
00:07
Understanding Interface VPC Endpoints
07:30
Implementing Interface Endpoints
07:12
Network ACL
09:17
Understanding Stateful vs Stateless Firewalls
13:48
Understanding Networking Sockets
11:07
Revising Security Groups
04:51
Connection of Security Group & NIC Cards
06:29
Egress Rules - The Real Challenge
12:38
IPTABLES & Instance Metadata
11:57
IDS / IPS in AWS
05:22
EBS Architecture & Secure Data Wiping
13:48
Understanding the Content Delivery Networks
08:10
Demo - CloudFront Distribution
07:52
Understanding Edge Locations
07:47
Deploying Cloudfront Distribution - Part 01
07:22
Deploying Cloudfront Distribution - Part 02
05:23
Understanding the Origin Access Identity
07:02
Understanding importance of SNI in TLS protocol
09:26
Overview of CloudFront Signed URLs
07:18
Implementing CloudFront Signed URLs
07:08
Real World example on DOS Implementation
08:42
AWS Shield
04:17
Mitigating DDOS Attacks
04:19
Document - DDoS References
00:00
Introduction to Application Programming Interface (API)
15:30
Understanding the working of API
09:54
Building Lambda Function for our API
03:12
Building our first API with API Gateway
07:08
Lambda & S3
06:14
EC2 Key-Pair Troubleshooting
11:03
EC2 Tenancy Attribute
05:58
AWS Artifact
03:23
Lambda@Edge
10:58
Lambda@Edge Practical
06:18
AWS Simple Email Service (SES) (New)
06:25
DNS Resolution in VPC
06:17
Notes - Domain 3
00:00
Quiz - Domain 3: Infrastructure Security
25 questions
+ Domain 4 - Identity & Access Management
55 lectures 06:00:36
Understanding AWS Organizations
06:40
AWS Organizations - Practical
08:34
Organizational Unit (OU) in AWS organization
06:14
IAM Policy Evaluation Logic
11:57
Identity and Resource Based Policies
07:53
Understanding IAM Policies
15:25
IAM Policies - Part 02
11:56
Delegation - Cross Account Trust - Part 1
07:17
Delegation - Cross Account Trust - Part 2
10:02
Cross Account IAM Policy Document
00:02
External ID in Delegation
09:35
Revising IAM Role
11:32
EC2 Instance Meta-Data
08:13
Understanding working of an IAM role
08:03
IAM - Version Element
10:13
IAM Policy Variables
04:50
Document - IAM Policy Variable
00:02
Principal and NotPrincipal Element
07:32
Document - Resource Policy for Principal Element
00:04
Implementing NotPrincipal Element
03:55
Document - NotPrincipal S3 Bucket Policy
00:03
Conditionl Element
07:23
Document - Condition Policy Examples
00:03
AWS Security Token Service
17:14
Understanding Federation - Part 01
06:30
Understanding Federation - Part 02
08:10
Document - ADFS with AWS
00:00
Understanding SAML for SSO
10:49
Overview of AWS Single Sign-On
06:43
Implementing AWS SSO
08:06
Integrating AWS SSO with AWS CLI
05:05
AWS Cognito
11:57
Understanding Active Directory
04:19
Introduction to AWS Directory Service
08:50
Domain Joining EC2 instance with Directory Service
10:51
Document - Joining Linux Instance with SimpleAD
00:00
Trusts in Active Directory
07:32
IAM & S3
11:09
S3 Bucket Policies
07:31
Bucket Policy Document - Condition based on IP Address
00:05
Cross Account S3 Bucket Configuration
11:11
Document - Cross Account S3 Bucket Policy
00:04
Canned ACL's
09:27
Understanding Presigned URLs
09:13
S3 - Versioning
09:20
S3 - Cross Region Replication
07:37
IAM Permission Boundaries (New)
09:47
Troubleshooting IAM Policies
01:47
Document - Troubleshooting Policies
00:14
Troubleshooting Answers - Solution 01
04:46
Troubleshooting Answers - Solution 02
05:28
Troubleshooting Answers - Solution 03
04:24
Troubleshooting Answers - Solution 04
01:24
Troubleshooting Answers - Solution 05
03:32
Quiz - Domain 4: Identity & Access Management
15 questions
Notes - Domain 4
00:00
+ Domain 5 - Data Protection
45 lectures 04:08:28
Introduction to Cryptography
12:14
Plain Text vs Encrypted Text Based Algorithms
07:07
CloudHSM
06:36
AWS Key Management Service
09:14
AWS Key Management Service - Part 02
08:20
AWS Key Management Service - Part 03
07:26
AWS Key Management Service - Data Key Caching
09:26
AWS Key Management Service - Scheduled CMK Deletion
03:59
AWS Key Management Service - CMK Deletion & EBS Use-Case
04:51
Reducing Risk of Unmanageable CMK
03:21
KMS - Authentication and Access Control
05:34
KMS Policy Evaluation Logic - Use Case Solution - 01
03:01
Document - KMS Use Case 01
00:19
KMS Policy Evaluation Logic - Use Case Solution - 01
04:25
KMS Policy Evaluation Logic - Use Case 02
01:56
Document - KMS Use Case 02
00:13
KMS Policy Evaluation Logic - Use Case Solution - 02
03:08
KMS Policy Evaluation Logic - Use Case - 03
00:44
Document - KMS Use Case 03
00:13
KMS Policy Evaluation Logic - Use Case Solution - 03 (New)
01:41
KMS Grants
12:08
Document - KMS Grants Commands
00:09
Importing Key Material to KMS
07:45
Document - Imported Key Material Commands
00:05
KMS ViaService
08:20
Document - KMS ViaService Policy
00:09
Migrating Encrypted KMS Data Across Regions
07:32
Benefits of CloudHSM over KMS
02:27
S3 Encryption
13:20
Revising Classic Load Balancers
10:36
Overview of Load Balancer Types
04:58
Overview of Application Load Balancer
07:41
Path Based Routing in ALB
10:46
Revising ELB Listener Configuration
08:41
ELB Listeners - Understanding HTTP vs TCP Listeners
08:59
Understanding AWS Certificate Manager
05:22
Deploying SSL/TLS certificate with ACM
03:07
Configuring ELB with HTTPS for SSL Offloading
04:54
Glacier Vault and Vault Lock
07:46
DynamoDB Encryption
02:57
Overview of AWS Secrets Manager
05:59
RDS Integration with AWS Secrets Manager
10:07
Encryption Context in KMS
10:37
Document - Encrypted Context Commands
00:13
Quiz - Domain 5: Data Protection
19 questions
Notes - Domain 5
00:00
+ Important points for Exams
6 lectures 52:04
Important Pointers - Domain 1
07:31
Final Exam Practice Test - Domain 1
7 questions
Important Pointers - Domain 2
10:23
Final Exam Practice Test - Domain 2
25 questions
Important Pointers - Domain 3
11:43
Final Exam Practice Test - Domain 3
39 questions
Important Pointers - Domain 4
09:30
Final Exam Practice Test - Domain 4
22 questions
Important Pointers - Domain 5
12:06
Final Exam Practice Test - Domain 5
34 questions
Updated - Important Pointers for Exams
00:51