AWS Certified Security Specialty 2022

All you need to master AWS Certified Security Specialty certification.
AWS Certified Security Specialty 2022
File Size :
16.35 GB
Total length :
28h 49m



Zeal Vora


Last update

Last updated 11/2022



AWS Certified Security Specialty 2022

What you’ll learn

Will be prepared to give AWS Certified Security Specialty Exam
You will be able to Master the Security aspect of AWS
Gain deep insights about Enterprise grade Security implementation.
Will be able to detect attacks and protect the AWS infrastructure from Hackers.

AWS Certified Security Specialty 2022


Basics of AWS
AWS Solutions Architect Associate or Equivalent Knowledge


AWS Certified Security – Specialty certification is one of the widely recognized security certifications across the industry. With the number of security breaches increasing every year, there is a huge demand for individuals who understands the security side of things, specifically Cloud-based Infrastructures.This course is specially designed for the aspirants who intend to give the AWS Certified Security Specialty 2022 certification as well for those who want to master the security side of AWS.Throughout the course, we explore various Real World scenarios and look into why do website gets hacked, what could have been done to prevent it, and learn the best practices related to Security for your AWS environment.Since this is a Specialty level certification, it is very important that the candidate has a prior hands-on experience in AWS, and this also acts as a pre-requisite to this certification. We do start our journey into the security side of things from scratch.With tons of quizzes in order to prepare you for exams, Real-world scenarios, and great Support from our Instructor in-case of doubts, this course is all you need to master the Security side of AWS and gain the certification.I look forward to seeing you join us in this exciting journey on AWS Security.


Section 1: Getting started with the course

Lecture 1 Overview of the Course

Lecture 2 Our Community

Section 2: Domain 1 – Incident Response

Lecture 3 Introduction to Domain 1

Lecture 4 Case Study of Hacked Server

Lecture 5 AWS Abuse Reports

Lecture 6 AWS GuardDuty

Lecture 7 Update – Guard Duty

Lecture 8 Whitelisting Alerts in AWS GuardDuty

Lecture 9 Document – GuardDuty Alert Lists

Lecture 10 Centralized Dashboards for GuardDuty Findings

Lecture 11 Incident Response

Lecture 12 Incident Response Use-Cases for Exams

Lecture 13 Use Case – Dealing with Exposed Access Keys

Lecture 14 Use Case – Dealing with compromised EC2 Instances

Lecture 15 Amazon Detective

Lecture 16 Incident Response in Cloud

Lecture 17 Penetration Testing in AWS (New)

Lecture 18 Notes – Domain 1

Section 3: Domain 2 – Logging & Monitoring

Lecture 19 Introduction to Vulnerability, Exploit, Payload

Lecture 20 VEP Practical – Hacking inside a test farm

Lecture 21 Understanding Automated Vulnerability Scanners

Lecture 22 Common Vulnerabilities Exposures & CVSS

Lecture 23 Introduction to AWS Inspector

Lecture 24 New EC2 GUI

Lecture 25 AWS Inspector Vulnerability Scans

Lecture 26 AWS Security Hub

Lecture 27 Overview of Layer 7 Firewalls

Lecture 28 Understanding AWS WAF

Lecture 29 Deploying AWS WAF

Lecture 30 Overview of AWS Systems Manager

Lecture 31 Configure SSM Agent

Lecture 32 Overview of Sessions Manager

Lecture 33 SSM – Run Command

Lecture 34 Overview of Patch Manager

Lecture 35 Parameter Store

Lecture 36 Systems Manager Automation

Lecture 37 Systems Manager Inventory

Lecture 38 Creating our First Inventory in SSM

Lecture 39 Overview of Unified CloudWatch Agent

Lecture 40 Unified CloudWatch Agent – Practical

Lecture 41 Document – Unified CloudWatch Agent

Lecture 42 Amazon EventBridge

Lecture 43 Amazon Athena

Lecture 44 Revising AWS Config

Lecture 45 Revising AWS Config – Practical

Lecture 46 Trusted Advisor

Lecture 47 Understanding CloudTrail

Lecture 48 Creating First CloudTrail Trail

Lecture 49 CloudTrail Event Types

Lecture 50 CloudTrail – Log File Integrity Validation

Lecture 51 Document – S3 Log File Validation

Lecture 52 Digest Delivery Times

Lecture 53 Overview of Amazon Macie

Lecture 54 Detecting Sensitive Files with Macie

Lecture 55 S3 Event Notification

Lecture 56 Revising VPC Flow Logs

Lecture 57 VPC Flow Logs In-Detail

Lecture 58 Centralized Logging Architecture

Lecture 59 Cross-Account Logging for CloudTrail

Lecture 60 Document – Centralized Logging Policy

Lecture 61 Considerations – S3 Bucket Policy for Cross Account CloudTrail

Lecture 62 Document – Conditional S3 Bucket Policy for CloudTrail

Lecture 63 AWS SNS

Lecture 64 Streaming Data & Amazon Kinesis

Lecture 65 Amazon Kinesis Service Offerings

Lecture 66 Notes – Domain 2

Section 4: Domain 3 – Infrastructure Security

Lecture 67 Bastion Hosts & SSH Agent Forwarding

Lecture 68 Document – Commands for SSH Agent Forwarding

Lecture 69 Introduction to Virtual Private Networks

Lecture 70 Understanding AWS Client VPN Endpoints

Lecture 71 Creating Client VPN Endpoints

Lecture 72 Document – Commands to Setup ClientVPN Endpoint

Lecture 73 Overview of AWS VPN Tunnels

Lecture 74 VPC Peering

Lecture 75 Overview of VPC Endpoints

Lecture 76 Implementing Gateway VPC Endpoints

Lecture 77 VPC Endpoint Policies

Lecture 78 Overview of Interface VPC Endpoints

Lecture 79 Implementing Interface Endpoints

Lecture 80 Overview of VPC Endpoint Services

Lecture 81 Network ACLs

Lecture 82 NACL – Rule Ordering

Lecture 83 Understanding Stateful vs Stateless Firewalls

Lecture 84 IDS / IPS in AWS

Lecture 85 EBS Architecture & Secure Data Wiping

Lecture 86 Understanding the Content Delivery Networks

Lecture 87 Demo – CloudFront Distribution

Lecture 88 Understanding Edge Locations

Lecture 89 Deploying CloudFront Distribution

Lecture 90 Origin Access Identity

Lecture 91 Overview of CloudFront Signed URLs

Lecture 92 Implementing CloudFront Signed URLs

Lecture 93 Field Level Encryption in CloudFront

Lecture 94 Real World example on DOS Implementation

Lecture 95 AWS Shield

Lecture 96 Mitigating DDOS Attacks

Lecture 97 Document – DDoS References

Lecture 98 Introduction to Application Programming Interface (API)

Lecture 99 Understanding the working of API

Lecture 100 Building Lambda Function for our API

Lecture 101 Building our first API with API Gateway

Lecture 102 Lambda & S3

Lecture 103 EC2 Key-Pair Troubleshooting

Lecture 104 EC2 Tenancy Attribute

Lecture 105 AWS Artifact

Lecture 106 [email protected]

Lecture 107 [email protected] Demo

Lecture 108 DNS Attributes in VPC

Lecture 109 DNS Query Logging

Lecture 110 Implementing Route53 Query Logging

Lecture 111 Overview of Network Firewall

Lecture 112 Deploying Network Firewall

Lecture 113 Firewall Manager

Lecture 114 Notes – Domain 3

Section 5: Domain 4 – Identity & Access Management

Lecture 115 Overview of AWS Organizations

Lecture 116 Creating our first AWS Organization & SCP

Lecture 117 Organizational Unit (OU) in AWS organization

Lecture 118 IAM Policy Evaluation Logic

Lecture 119 Identity and Resource Based Policies

Lecture 120 Understanding IAM Policies

Lecture 121 IAM Policies – Part 02

Lecture 122 Identity Account Architecture

Lecture 123 Creating Cross-Account IAM Roles

Lecture 124 Cross Account IAM Policy Document

Lecture 125 External ID in Delegation

Lecture 126 EC2 Instance Meta-Data

Lecture 127 Revising IAM Role

Lecture 128 Understanding working of an IAM role

Lecture 129 IPTABLES & Instance Meta-Data

Lecture 130 Document – Commands

Lecture 131 IAM – Version Element

Lecture 132 IAM Policy Variables

Lecture 133 Document – IAM Policy Variable

Lecture 134 Principal and NotPrincipal Element

Lecture 135 Document – Resource Policy for Principal Element

Lecture 136 Implementing NotPrincipal Element

Lecture 137 Document – NotPrincipal S3 Bucket Policy

Lecture 138 Conditionl Element

Lecture 139 Document – Condition Policy Examples

Lecture 140 AWS Security Token Service

Lecture 141 Federation

Lecture 142 Understanding SAML for SSO

Lecture 143 Overview of AWS Single Sign-On

Lecture 144 Implementing AWS SSO

Lecture 145 Integrating AWS SSO with AWS CLI

Lecture 146 Amazon Cognito

Lecture 147 Understanding Active Directory

Lecture 148 Introduction to AWS Directory Service

Lecture 149 Domain Joining EC2 instance with Directory Service

Lecture 150 Document – Joining Linux Instance with SimpleAD

Lecture 151 Trusts in Active Directory

Lecture 152 S3 Bucket Policies

Lecture 153 Bucket Policy Document

Lecture 154 Regaining Access to Locked S3 Bucket

Lecture 155 Bucket Policy Document – Deny Statements

Lecture 156 Cross Account S3 Bucket Configuration

Lecture 157 Document – Cross Account S3 Bucket Policy.

Lecture 158 Canned ACLs

Lecture 159 Document – Canned ACLs Commands

Lecture 160 Understanding Presigned URLs

Lecture 161 S3 Versioning

Lecture 162 S3 – Cross Region Replication

Lecture 163 S3 Object Lock

Lecture 164 MFA Protected API Access

Lecture 165 Document – MFA CLI Commands

Lecture 166 IAM Permission Boundaries

Lecture 167 IAM and S3

Lecture 168 Document – IAM Policies

Lecture 169 Troubleshooting IAM Policies

Lecture 170 Document – Troubleshooting Policies

Lecture 171 Troubleshooting Answers – Solution 01

Lecture 172 Troubleshooting Answers – Solution 02

Lecture 173 Troubleshooting Answers – Solution 03

Lecture 174 Troubleshooting Answers – Solution 04

Lecture 175 Troubleshooting Answers – Solution 05

Lecture 176 AWS Control Tower

Lecture 177 IAM Service Role and Pass Role

Lecture 178 Document Code – Pass Role Policy

Lecture 179 Amazon WorkMail

Lecture 180 Notes – Domain 4

Section 6: Domain 5 – Data Protection

Lecture 181 Introduction to Cryptography

Lecture 182 Understanding communication Protocols

Lecture 183 Plain Text vs Encrypted Text Based Protocols

Lecture 184 Understanding the Disk Level encryption schemas

Lecture 185 AWS CloudHSM

Lecture 186 Important Pointers – CloudHSM

Lecture 187 AWS Key Management Service

Lecture 188 Creating our first Customer Managed Key (CMK)

Lecture 189 Document – CMKs References

Lecture 190 Envelope Encryption with KMS

Lecture 191 Schedule Key Deletion

Lecture 192 KMS Key Categories

Lecture 193 Overview of Asymmetric Key Encryption

Lecture 194 Asymmetric Keys with KMS

Lecture 195 Document – Asymmetric Encryption Commands

Lecture 196 Digital Signing with KMS

Lecture 197 Document – Digital Signing with KMS Commands

Lecture 198 AWS Key Management Service – Data Key Caching

Lecture 199 AWS Key Management Service – CMK Deletion & EBS Use-Case

Lecture 200 Access Control in KMS

Lecture 201 Importance of Default Key Policy

Lecture 202 Reducing Risk of Unmanageable CMK

Lecture 203 KMS Policy Evaluation Logic – Use-Case 1

Lecture 204 Document – KMS Use-Case 1

Lecture 205 KMS Policy Evaluation Logic – Use Case Solution – 01

Lecture 206 KMS Policy Evaluation Logic – Use Case 2

Lecture 207 Document – KMS Use Case 02

Lecture 208 KMS Policy Evaluation Logic – Use Case 02 Solution

Lecture 209 KMS Policy Evaluation Logic – Use Case – 3

Lecture 210 Document – KMS Use Case 03

Lecture 211 KMS Policy Evaluation Logic Solution – Use Case 3

Lecture 212 KMS Grants

Lecture 213 Document – KMS Grants Commands

Lecture 214 Importing Key Material to KMS

Lecture 215 Document – Imported Key Material Commands

Lecture 216 KMS ViaService

Lecture 217 Document – KMS ViaService Policy

Lecture 218 Migrating Encrypted KMS Data Across Regions

Lecture 219 Multi-Region KMS

Lecture 220 Benefits of CloudHSM over KMS

Lecture 221 S3 Encryption

Lecture 222 Load Balancing in AWS

Lecture 223 OSI Model & AWS ELB

Lecture 224 Classic Load Balancers

Lecture 225 Overview of Application Load Balancers

Lecture 226 Listener and Target Groups

Lecture 227 ALB Practicals

Lecture 228 Network Load Balancers

Lecture 229 ELB Access Logs

Lecture 230 Understanding HTTPS Connections

Lecture 231 Overview of AWS Certificate Manager

Lecture 232 Issuing Certificates with ACM

Lecture 233 Glacier Vault and Vault Lock

Lecture 234 DynamoDB Encryption

Lecture 235 Overview of AWS Secrets Manager

Lecture 236 RDS Integration with AWS Secrets Manager

Lecture 237 Encryption Context in KMS

Lecture 238 Document – Encrypted Context Commands

Lecture 239 DNS Cache Poisoning Attack

Lecture 240 Document – External Link

Lecture 241 Overview of DNSSEC

Lecture 242 PCAP Files – DNS and DNSSEC

Lecture 243 Configuring DNSSEC in Route53

Lecture 244 AWS Signer

Lecture 245 Integrating Signer with Lambda

Lecture 246 Notes – Domain 5

Section 7: Important points for Exams

Lecture 247 Our Community

Lecture 248 Important Pointers – Domain 1

Lecture 249 Important Pointers – Domain 2

Lecture 250 Important Pointers – Domain 3

Lecture 251 Important Pointers – Domain 4

Lecture 252 Important Pointers – Domain 5

Lecture 253 Updated – Important Pointers for Exams

Lecture 254 Updated – Important Pointers for Exams

Lecture 255 Notes – Important Pointers for Exams

Those interested in gaining the AWS Security Specialty Certification,Those who wants to gain deep security insights related to AWS

Course Information:

Udemy | English | 28h 49m | 16.35 GB
Created by: Zeal Vora

You Can See More Courses in the IT & Software >> Greetings from

New Courses

Scroll to Top