Getting started with the course
Understanding AWS Security Specialty exams
Domain 1 - Incident Response
Introduction to Domain 1
Case Study of Hacked Server
Dealing with AWS Abuse Notice
AWS GuardDuty
Whitelisting Alerts in AWS GuardDuty
Document - GuardDuty Alert Lists
Centralized Dashboards for GuardDuty Findings
Understanding Incident Response Terminology
Incident Response Use-Cases for Exams
Use Case - Dealing with Exposed Access Keys
Use Case - Dealing with compromised EC2 Instances
Incident Response in Cloud
Penetration Testing in AWS (New)
Quiz - Domain 1: Incident Response
Domain 2 - Logging & Monitoring
Introduction to Vulnerability, Exploit, Payload
VEP Practical - Hacking inside a test farm
Understanding Automated Vulnerability Scanners
Common Vulnerabilities Exposures & CVSS
Introduction to AWS Inspector
AWS Inspector Vulnerability Scans
AWS Security Hub
Overview of Layer 7 Firewalls
Understanding AWS WAF
Implementing AWS WAF with ALB
Overview of AWS Systems Manager
Configuring SSM Agent
Overview of Sessions Manager
SSM - Run Command
Overview of Patch Manager
Implementing Compliance and Patch Baselines
EC2 Systems Manager - Parameter Store
Understanding CloudWatch Logs
Pushing Linux system logs to CloudWatch
Document - CloudWatch Logs Policies
CloudWatch Events
AWS Athena
Athena - Code Samples
Overview of AWS CloudTrail
Improved Governance - AWS Config 01
Improved Governance - AWS Config 02
Trusted Advisor
CloudTrail - Log File Integrity Validation
Document - S3 Log File Validation
Digest Delivery Times
Overview of AWS Macie (New)
Creating our First Alert with AWS Macie (New)
S3 Event Notification
VPC Flow Logs
Quiz - Domain 2: Logging & Monitoring
Domain 3 - Infrastructure Security
Implementing Bastion Hosts
Introduction to Virtual Private Networks
OpenVPN is Awesome
OpenVPN - Part 02
Overview of AWS VPN Tunnels
Using AWS VPN for On-Premise to AWS connectivity
Configuring first IPSec tunnel with OpenSwan - Part 01
Configuring first IPSec tunnel with OpenSwan - Part 02
Inter-Region VPC Peering
VPC Endpoints
Network ACL
Understanding Stateful vs Stateless Firewalls
Understanding Networking Sockets
Revising Security Groups
Connection of Security Group & NIC Cards
Egress Rules - The Real Challenge
IPTABLES & Instance Metadata
IDS / IPS in AWS
EBS Architecture & Secure Data Wiping
Understanding the Content Delivery Networks
Demo - CloudFront Distribution
Understanding Edge Locations
Deploying Cloudfront Distribution - Part 01
Understanding the Origin Access Identity
Understanding importance of SNI in TLS protocol
CloudFront Signed URL - 01
CloudFront Signed URL - 02
Real World example on DOS Implementation
AWS Shield
Mitigating DDOS Attacks
Document - DDoS References
Introduction to Application Programming Interface (API)
Understanding the working of API
Building Lambda Function for our API
Building our first API with API Gateway
Lambda & S3
EC2 Key-Pair Troubleshooting
EC2 Tenancy Attribute
AWS Artifact
Lambda@Edge
AWS Simple Email Service (SES) (New)
Quiz - Domain 3: Infrastructure Security
Domain 4 - Identity & Access Management
Understanding AWS Organizations
AWS Organizations - Practical
Organizational Unit (OU) in AWS organization
IAM Policy Evaluation Logic
Understanding IAM Policies
IAM Policies - Part 02
Delegation - Cross Account Trust - Part 1
Delegation - Cross Account Trust - Part 2
Cross Account IAM Policy Document
Revising AWS CLI
Revising IAM Role
EC2 Instance Meta-Data
Understanding working of an IAM role
IAM - Version Element
Document - IAM Policy Variable
IAM Policy Variables
Principal and NotPrincipal Element
Document - Resource Policy for Principal Element
Implementing NotPrincipal Element
Document - NotPrincipal S3 Bucket Policy
Conditionl Element
Document - Condition Policy Examples
AWS Security Token Service
Understanding Federation - Part 01
Understanding Federation - Part 02
Understanding SAML for SSO
Overview of AWS Single Sign-On
Implementing AWS SSO
Integrating AWS SSO with AWS CLI
AWS Cognito
Understanding Active Directory
Introduction to AWS Directory Service
Domain Joining EC2 instance with Directory Service
Trusts in Active Directory
IAM & S3
S3 Bucket Policies
Bucket Policy Document - Condition based on IP Address
Cross Account S3 Bucket Configuration
Document - Cross Account S3 Bucket Policy
Canned ACL's
Understanding Presigned URLs
S3 - Versioning
S3 - Cross Region Replication
IAM Permission Boundaries (New)
Troubleshooting IAM Policies
Document - Troubleshooting Policies
Troubleshooting Answers - Solution 01
Troubleshooting Answers - Solution 02
Troubleshooting Answers - Solution 03
Troubleshooting Answers - Solution 04
Troubleshooting Answers - Solution 05
Quiz - Domain 4: Identity & Access Management
Domain 5 - Data Protection
Introduction to Cryptography
Plain Text vs Encrypted Text Based Algorithms
CloudHSM
AWS Key Management Service
AWS Key Management Service - Part 02
AWS Key Management Service - Part 03
AWS Key Management Service - Data Key Caching
AWS Key Management Service - Scheduled CMK Deletion
AWS Key Management Service - CMK Deletion & EBS Use-Case
Reducing Risk of Unmanageable CMK
KMS - Authentication and Access Control
KMS Policy Evaluation Logic - Use Case Solution - 01
Document - KMS Use Case 01
KMS Policy Evaluation Logic - Use Case Solution - 01
KMS Policy Evaluation Logic - Use Case 02
Document - KMS Use Case 02
KMS Policy Evaluation Logic - Use Case Solution - 02
KMS Policy Evaluation Logic - Use Case - 03
Document - KMS Use Case 03
KMS Policy Evaluation Logic - Use Case Solution - 03 (New)
KMS Grants
Document - KMS Grants Commands
Importing Key Material to KMS
Document - Imported Key Material Commands
KMS ViaService
Document - KMS ViaService Policy
Migrating Encrypted KMS Data Across Regions
S3 Encryption
Revising ELB Listener Configuration
ELB Listeners - Understanding HTTP vs TCP Listeners
Understanding AWS Certificate Manager
Deploying SSL/TLS certificate with ACM
Configuring ELB with HTTPS for SSL Offloading
Glacier Vault and Vault Lock
DynamoDB Encryption
Overview of AWS Secrets Manager
RDS Integration with AWS Secrets Manager
Quiz - Domain 5: Data Protection
Important points for Exams
Important Pointers - Domain 1
Final Exam Practice Test - Domain 1
Important Pointers - Domain 2
Final Exam Practice Test - Domain 2
Important Pointers - Domain 3
Final Exam Practice Test - Domain 3
Important Pointers - Domain 4
Final Exam Practice Test - Domain 4
Important Pointers - Domain 5
Final Exam Practice Test - Domain 5
Updated - Important Pointers for Exams