Amazon

AWS Certified Security Study Guide: Specialty (SCS-C01)

(SCS-C01.AE1)
Lessons
Lab
TestPrep
69 Reviews
Get A Free Trial

Skills You’ll Get

Download Course Outline

1

Introduction

  • What Does This Course Cover?
  • AWS Certified Security Study Guide–Specialty (SCS-C01) Exam Objectives
  • Objective Map
2

Security Fundamentals

  • Introduction
  • Understanding Security
  • Basic Security Concepts
  • Foundational Networking Concepts
  • Main Classes of Attacks
  • Risk Management
  • Well-Known Security Frameworks and Models
  • Summary
  • Exam Essentials
3

Cloud Security Principles and Frameworks

  • Introduction
  • Cloud Security Principles Overview
  • The Shared Responsibility Model
  • AWS Compliance Programs
  • AWS Well‐Architected Framework
  • AWS Marketplace
  • Summary
  • Exam Essentials
4

Identity and Access Management

  • Introduction
  • IAM Overview
  • How AWS IAM Works
  • Access Management in Amazon S3
  • Identity Federation
  • Multi-Account Management with AWS Organizations
  • Microsoft AD Federation with AWS
  • Protecting Credentials with AWS Secrets Manager
  • Summary
  • Exam Essentials
5

Detective Controls

  • Introduction
  • Stage 1: Resources State
  • Stage 2: Events Collection
  • Stage 3: Events Analysis
  • Stage 4: Action
  • Summary
  • Exam Essentials
6

Infrastructure Protection

  • Introduction
  • AWS Networking Constructs
  • Network Address Translation
  • Security Groups
  • Network Access Control Lists
  • Elastic Load Balancing
  • VPC Endpoints
  • VPC Flow Logs
  • AWS Web Application Firewall
  • AWS Shield
  • Summary
  • Exam Essentials
7

Data Protection

  • Introduction
  • AWS Key Management Service
  • Creating a Customer Master Key in AWS KMS
  • Understanding the Cloud Hardware Security Module
  • AWS Certificate Manager
  • Protecting Your S3 Buckets
  • Amazon Macie
  • Summary
  • Exam Essentials
8

Incident Response

  • Introduction
  • Incident Response Maturity Model
  • Incident Response Best Practices
  • Reacting to Specific Security Incidents
  • Summary
  • Exam Essentials
9

Security Automation

  • Introduction
  • Security Automation Overview
  • Event-Driven Security
  • Using AWS Lambda for Automated Security Response
  • WAF Security Automations
  • AWS Config Auto Remediation
  • Automating Resolution of Findings Using AWS Security Hub
  • Aggregate and Resolve Issues with AWS Systems Manager
  • Summary
  • Exam Essentials
10

Security Troubleshooting on AWS

  • Introduction
  • Using Troubleshooting Tools and Resources
  • Common Access Control Troubleshooting Scenarios
  • Encryption and Decryption Troubleshooting Scenarios
  • Network and Connectivity Troubleshooting Scenarios
  • Summary
  • Exam Essentials
11

Creating Your Security Journey in AWS

  • Introduction
  • Where to Start?
  • Mapping Security Controls
  • Security Journey Phased Example
  • Summary
  • Exam Essentials
A

Appendix A: AWS Security Services Portfolio

  • Amazon Cognito
  • Amazon Detective
  • Amazon GuardDuty
  • Amazon Inspector
  • Amazon Macie
  • AWS Artifact
  • AWS Certificate Manager
  • AWS CloudHSM
  • AWS Directory Service
  • AWS Firewall Manager
  • AWS Identity and Access Management
  • AWS Key Management Service
  • AWS Resource Access Manager
  • AWS Secrets Manager
  • AWS Security Hub
  • AWS Shield
  • AWS Single Sign-On
  • AWS Web Application Firewall
B

Appendix B: DevSecOps in AWS

  • Introduction
  • Dev + Sec + Ops
  • AWS Developer  Tools
  • Creating a CI/CD Using AWS  Tools
  • Evaluating Security in Agile Development
  • Creating the Correct Guardrails Using SAST and DAST
  • Security as Code: Creating Guardrails and Implementing Security by Design

1

Cloud Security Principles and Frameworks

  • Using the Well-Architected Tool
2

Identity and Access Management

  • Creating an IAM Policy
  • Creating an SQS Queue
  • Creating an IAM Role
  • Creating an Amazon S3 Bucket
  • Enabling Access Logging for an Amazon S3 Bucket
  • Creating an Amazon Cognito User Pool
3

Detective Controls

  • Creating a VPC Endpoint in Amazon OpenSearch Service
  • Creating an Amazon SNS Topic
  • Creating a CloudWatch Alarm
  • Enabling CloudTrail
  • Enabling and Disabling GuardDuty
4

Infrastructure Protection

  • Creating a Subnet within a VPC
  • Creating a Custom AWS VPC
  • Creating a Security Group
  • Creating an Elastic Load Balancer
  • Creating a Virtual Private Gateway
  • Creating an Interface Endpoint
  • Creating a Gateway Endpoint
  • Creating VPC Flow Logs
  • Creating a Kinesis Firehose Delivery Stream
5

Data Protection

  • Creating and Disabling an AWS KMS Key
  • Creating an AWS CloudHSM Cluster
  • Creating CloudFront
6

Incident Response

  • Using Amazon EC2
7

Security Automation

  • Viewing Logs Using the Lambda Console
8

Security Troubleshooting on AWS

  • Creating a Transit Gateway
  • Creating a VPC Peering Connection
  • Creating an Internet Gateway
  • Creating a Custom Route Table

AWS Certified Security Study Guide: Specialty (SCS-C01)

$240.00

Buy Now

Related Courses

All Courses