AWS Security Fundamentals Free elearning
Getting Started with AWS Security Identity and Compliance
Exam Readiness – AWS Security Specialty – Free from AWS.
AWS Security Specialty Certification exam Content by Domain.
Domain | % of Exam |
---|---|
1.0 Incident Response | 12% |
2.0 Logging and Monitoring | 20% |
3.0 Infrastructure Security | 26% |
4.0 Identity and Access Management | 20% |
5.0 Data Protection | 22% |
Some of the tools that we should be comfortable with before taking the exam:
- AWS Trusted Advisor:
- AWS Config:
- AWS CloudFormation:
- Amazon API Gateway:
- AWS CloudTrail:
- Amazon CloudWatch:
- VPC flow logs:
- AWS Service Catalog:
- Amazon GuardDuty:
- Will not protect against DDoS attacks of an entire application.
Some of the incident indicators:
- Logs and monitors
- Billing Activity
- Threat Intelligence
- AWS Support
- Public Response
Incident Response
- Instance Isolation
- Exposed Access Keys: invalidate credentials, revoke privileged access, determine the source of the IAM access keys, verify integrity, and determine the blast radius.
Infrastructure security
Some of the tools we should know:
- Amazon Route 53 – The only AWS service with a 100% SLA.
- AWS WAF
- Amazon CloudFront
- AWS Shield
Identity And Access Management
- IAM Limits
- AWS Managed Microsoft AD
- AD Connector
- Simple AD
- Amazon Cognito
- AWS STS
Data Protection
- AWS Key Management Service
- AWS Certificate Manager
- AWS CloudHSM
- Encryption at Rest (for DB, S3, Glacier, Glacier vault, etc.)
- Client-side encryption
- Server-side encryption
- Encryption in Transit (RDS, DynamoDB, web apps, etc.)
- AWS Secrets Manager
- AWS Systems Manager
https://aws.amazon.com/compliance/shared-responsibility-model/