The Sneak Peek program provides early access to Pearson video products and is exclusively available to Safari subscribers. Content for titles in this program is made available throughout the development cycle, so products may not be complete, edited, or finalized, including video post-production editing.

Introduction

Module 1: AWS Certified Security–Specialty Basics

Lesson 1: AWS Certified Security–Specialty Basics

Learning objectives

1.1 Introduction to Security

1.2 Exam Details

1.3 Course Scope Details

1.4 Certification Candidate Skills

Module 2: Incident Response

Lesson 2: Incident Response

Learning objectives

2.1 Abuse Notice Strategies

2.2 Incident Response Basics

2.3 IR Preparation

2.4 IR Detection & Analysis

2.5 IR Containment Eradication & Recovery

2.6 IR Post-Incident Activity

2.7 Case Study: Compromised EC2

2.8 Question Breakdown

Module 3: Logging and Monitoring

Lesson 3: Security Monitoring

Learning objectives

3.1 Infrastructure Security Monitoring

3.2 Application Security Monitoring

3.3 Account Security Monitoring

3.4 Troubleshooting Security Monitoring

3.5 Case Study: Broken Monitoring

3.6 Question Breakdown

Lesson 4: Logging Solutions

Learning objectives

4.1 Access Logs

4.2 Execution Logs

4.3 Security Logs

4.4 Log Processing

4.5 Case Study: Automated Log Management

4.6 Question Breakdown

Module 4: Infrastructure Security

Lesson 5: Infrastructure Security Part 1

Learning objectives

5.1 Edge Security

5.2 VPC Network Security

5.3 VPC Egress Security

5.4 Multiple VPC Strategies

5.5 Case Study: Multi-scope Infrastructure Design

5.6 Question Breakdown

Lesson 6: Infrastructure Security Part 2

Learning objectives

6.1 Network Troubleshooting

6.2 Host-Based Security

6.3 Case Study: The Golden AMI Pipeline

6.4 Question Breakdown

Module 5: Identity and Access Management

Lesson 7: Permissions and Roles

Learning objectives

7.1 AWS Credentials

7.2 IAM Policy Details

7.3 Policy Evaluation Logic

7.4 Assuming IAM Roles

7.5 Case Study: IAM Policy Examples

7.6 Question Breakdown

Lesson 8: Federation and Resource-based Access Control

Learning objectives

8.1 SAML Federation

8.2 Cognito User Pool Federation

8.3 Cognito Identity Pool Federation

8.4 AWS SSO Federation

8.5 AWS Organizations

8.6 S3 Access Control

8.7 API Gateway and Lambda Access Control

8.8 Troubleshooting Permissions

8.9 Case Study: Broken Permission Examples

8.10 Question Breakdown

Module 6: Data Protection

Lesson 9: Key Management

Learning objectives

9.1 Symmetric Data Encryption

9.2 AWS KMS Basics

9.3 AWS KMS Access Control

9.4 AWS CloudHSM

9.5 AWS Certificate Manager

9.6 Using Keys for Authentication

9.7 Troubleshooting Key Management

9.8 Case Study: CloudWatch Logs Encryption

9.9 Question Breakdown

Lesson 10: Data Encryption At-rest and In Transit

Learning objectives

10.1 Data Encryption At-rest by Default

10.2 Data Encryption At-rest as Option

10.3 Data Encryption At-rest Operations

10.4 Data Encryption In Transit—Web

10.5 Data Encryption In Transit—Storage

10.6 Data Encryption In Transit—Network

10.7 Case Study: End-to-End Encryption

10.8 Question Breakdown

Module 7: Next Steps

Lesson 11: Next Steps

Learning objectives

11.1 Study Strategies

11.2 Study Resources

Homepage: https://www.oreilly.com/library/view/aws-certified-security/9780135771990/

Part 1

Part 2

Part 3

Part 4