
AWS Certified Security
What Will Be Covered?
Module 1 - Incident Response
- AWS services for incident investigation: CloudTrail; AWS Config; VPC Flow Logs; CloudWatch Logs; Responding to compromised IAM credentials; Isolating compromised EC2 instances; Using Amazon GuardDuty, Macie, Inspector for detection; Automating incident response with EventBridge, Lambda, SSM Automation
Module 2 - Logging and Monitoring
- Implementing centralized logging: CloudWatch; CloudTrail; S3; Kinesis; OpenSearch; Creating metric filters and alarms; Log analysis and retention strategies; Managing logs for compliance (encryption, lifecycle); Using Security Hub, GuardDuty, Config Rules
Module 3 - Infrastructure Security
- Designing secure VPC architectures: Security Groups vs. NACLs; Bastion hosts; VPC peering; Transit Gateway security; AWS Network Firewall, WAF, Shield; Securing EC2 instances: Patching, using Systems Manager; Restricting inbound/outbound traffic; Use of SCPs and IAM boundaries
Module 4 - Identity and Access Management
- IAM best practices: Roles, Policies, Permissions boundaries; Least privilege and role assumption; Federation and SSO: Cognito; IAM Identity Center (SSO); SAML; MFA setup and enforcement; AWS Organizations & Service Control Policies (SCPs); Cross-account access strategies
Module 5 - Data Protection
- Encryption at rest and in transit: KMS; Client-side encryption; Server-side (SSE-S3, SSE-KMS, SSE-C); S3 Bucket policies and ACLs; Using AWS Macie for sensitive data classification; Key rotation and KMS best practices; EBS, RDS, DynamoDB encryption settings
Course Detail
AWS Certified Security – Specialty – Course Content
This certification validates advanced knowledge of data protection, identity management, infrastructure security, and incident response on AWS.
Module 1: Incident Response
- AWS services for incident investigation:
- CloudTrail
- AWS Config
- VPC Flow Logs
- CloudWatch Logs
- Responding to compromised IAM credentials
- Isolating compromised EC2 instances
- Using Amazon GuardDuty, Macie, Inspector for detection
- Automating incident response with EventBridge, Lambda, SSM Automation
Module 2: Logging and Monitoring
- Implementing centralized logging:
- CloudWatch
- CloudTrail
- S3
- Kinesis
- OpenSearch
- Creating metric filters and alarms
- Log analysis and retention strategies
- Managing logs for compliance (encryption, lifecycle)
- Using Security Hub, GuardDuty, Config Rules
Module 3: Infrastructure Security
- Designing secure VPC architectures:
- Security Groups vs. NACLs
- Bastion hosts
- VPC peering
- Transit Gateway security
- AWS Network Firewall, WAF, Shield
- Securing EC2 instances:
- Patching, using Systems Manager
- Restricting inbound/outbound traffic
- Use of SCPs and IAM boundaries
Module 4: Identity and Access Management
- IAM best practices: Roles, Policies, Permissions boundaries
- Least privilege and role assumption
- Federation and SSO:
- Cognito
- IAM Identity Center (SSO)
- SAML
- MFA setup and enforcement
- AWS Organizations & Service Control Policies (SCPs)
- Cross-account access strategies
Module 5: Data Protection
- Encryption at rest and in transit:
- KMS
- Client-side encryption
- Server-side (SSE-S3, SSE-KMS, SSE-C)
- S3 Bucket policies and ACLs
- Using AWS Macie for sensitive data classification
- Key rotation and KMS best practices
- EBS, RDS, DynamoDB encryption settings
Key AWS Services to Master
- Identity & Access: IAM, Organizations, SSO
- Encryption & Key Management: KMS
- Logging & Monitoring: CloudTrail, CloudWatch, Config
- Threat Detection & Security Services: GuardDuty, Macie, Security Hub, Inspector
- Networking & Protection: VPC, NACLs, Security Groups, Network Firewall
- Data Security: S3, EBS, RDS encryption
- Application Protection: AWS WAF, AWS Shield, Route 53 DNS security
