Edward'S Aws Certified Security Specialty Course (Scs-C02)

AWS Security Certification Course from someone with years of AWS experience. Covers CloudTrail, GuardDuty, ControlTower!

What you'll learn

Learn about the security capabilities of AWS

AWS Threat Detection and Incident Response

AWS Security Logging and Monitoring

AWS Infrastructure Security

AWS Identity and Access Management

AWS Data Protection

AWS Management and Security Governance

Requirements

AWS experience required: this is an advanced course

Basic IT Security concepts required

Ideally 1 or more associate certificates to have basic knowledge about the common AWS services

Description

If you're looking to prepare for the AWS Certified Security Specialty exam, look no further! I took the exam earlier and passed it without any preparation. This is because of my years of security experience and working with AWS since 2015.In this course, I want to share my knowledge about security and AWS to help you understand how to manage security in AWS. I don't use slides with bullet points but rather try to explain the why, not only the how. This should make it easier for you to retain the knowledge and, with some extra studying, pass the exam! The course contains many demos showing me how to use AWS security services, and how they work together.In the last 8 years, I have been publishing courses to Udemy in Cloud & DevOps technologies I'm very familiar with, using them on a day-to-day basis. This course is no different. Have a look at the preview lectures to see if you like my teaching style. Enroll in my course, and you can contact me through the Q&A or direct message. Up to now, I have personally answered every single question asked to me on Udemy!See you in the course!

Overview

Section 1: Introduction

Lecture 1 Course introduction

Section 2: Domain 1: Threat Detection and Incident Response

Lecture 2 Amazon GuardDuty

Lecture 3 Remediating Findings: Compromised EC2 Instance

Lecture 4 Remediating Findings: Compromised AWS IAM User Credentials

Lecture 5 Remediating Findings: Compromised AWS IAM Roles

Lecture 6 Remediating Findings: Compromised S3 Bucket

Lecture 7 Remediating Findings: Compromised S3 Object

Lecture 8 Remediating Findings: Compromised Containers (ECS, Docker on EC2, and EKS)

Lecture 9 AWS Config

Lecture 10 AWS Security Hub

Lecture 11 AWS Inspector

Lecture 12 AWS Detective

Lecture 13 IAM Access Analyzer

Lecture 14 AWS Systems Manager (SSM) Automations and Automatic EC2 Patching

Section 3: Domain 2: Security Logging and Monitoring

Lecture 15 CloudWatch Alarms

Lecture 16 Introduction to CloudWatch Logs

Lecture 17 CloudWatch Logs and IAM Permission Debugging

Lecture 18 VPC Flow Logs

Lecture 19 DNS Resolver Logs

Lecture 20 Querying CloudTrail with Amazon Athena

Lecture 21 CloudWatch Logs Insights

Section 4: Domain 3: Infrastructure Security

Lecture 22 Security Features on Edge Services (Introduction)

Lecture 23 Application Load Balancer

Lecture 24 Amazon CloudFront with Application Load Balancer

Lecture 25 Allowing only CloudFront traffic in the Application Load Balancer

Lecture 26 The AWS Web Application Firewall (WAF)

Lecture 27 WAF: Geographic Match Rules

Lecture 28 WAF Logging

Lecture 29 WAF Rate Limiting

Lecture 30 AWS Network Firewall

Lecture 31 VPC Endpoints

Lecture 32 VPC Peering with the Transit Gateway

Lecture 33 Transit Gateway testing using the VPC Reachability Analyzer

Section 5: Domain 4: Identity and Access Management

Lecture 34 AWS IAM Identity Center

Lecture 35 Introduction to Amazon Cognito

Lecture 36 Amazon Cognito setup with Web App

Lecture 37 Amazon Cognito With Identity Pool

Lecture 38 Introduction to IAM Roles

Lecture 39 IAM Trust Policies

Lecture 40 IAM Permissions (Policies)

Lecture 41 IAM Policy Simulator

Lecture 42 IAM Permission Boundaries

Lecture 43 Least Privilege Principle - IAM Access Advisor

Lecture 44 Identity vs Resource based policies

Section 6: Domain 5: Data Protection

Lecture 45 S3 - Block Public Access

Lecture 46 S3 - Force On The Wire Encryption

Lecture 47 S3 - At Rest Encryption

Lecture 48 RDS - Private RDS with encryption at rest

Lecture 49 RDS - Enforce on the wire encryption

Lecture 50 Port Forwarding RDS with the AWS SSM Session Manager

Lecture 51 EC2 EBS Volume at rest encryption

Lecture 52 AWS KMS Key Policies

Lecture 53 TLS using the AWS Certificate Manager

Section 7: Domain 6: Management And Security Governance

Lecture 54 Introduction to multiple AWS Accounts (AWS Organizations)

Lecture 55 Creating an AWS Organization

Lecture 56 AWS Control Tower: Introduction and initial setup

Lecture 57 Service Control Policies (SCPs)

Lecture 58 AWS Control Tower: Deep Dive

Lecture 59 Sharing Resources with the AWS Resource Access Manager (RAM)

Section 8: The end!

Lecture 60 The end!

Anyone who wants to take the AWS Security Specialty exam,Any AWS practitioner who wants to learn more about security on AWS