AWS Security Fundamentals Free elearning
Getting Started with AWS Security Identity and Compliance
Exam Readiness – AWS Security Speciality – Free from AWS.
AWS Security Specialty Certification exam Content by Domain.
| Domain | % of Exam |
|---|---|
| 1.0 Incident Response | 12% |
| 2.0 Logging and Monitoring | 20% |
| 3.0 Infrastructure Security | 26% |
| 4.0 Identity and Access Management | 20% |
| 5.0 Data Protection | 22% |
Some of the tools that we should be comfortable with before taking the exam:
- AWS Trusted Advisor:
- AWS Config:
- AWS Cloudformation:
- Amazon API Gateway:
- AWS CloudTrail:
- Amazon Cloudwatch:
- VPC flow logs:
- AWS Service Catalog:
- Amazon GuardDuty:
- Will not protect against DDoS attacks of an entire application.
Some of the incident indicators:
- Logs and monitors
- Billing Activity
- Threat Intelligence
- AWS Support
- Public Response
Incident Response
- Instance Isolation
- Exposed Access Keys: Invalidate Credentials, Revoke privileged access, Determine the source of the IAM access keys, verify integrity and determine blast radius.
Infrastructure security
Some of the tools we should know:
- Amazon Route 53 – Only available AWS Service with 100% SLA.
- AWS WAF
- Amazon CloudFront
- AWS Shield
Identity And Access Management
- IAM Limits
- AWS Managed Microsoft AD
- AD Connector
- Simple AD
- Amazon Cognito
- AWS STS
Data Protection
- AWS Key Management Service
- AWS Certificate Manager
- AWS Cloud HSM
- Encryption at Rest (For DB, S3, Glacier, Glacier vault etc)
- Client Side encryption
- Service Side encryption
- Encryption at Transit (RDS, Dynamodb, webapps etc)
- AWS Secrets Manager
- AWS Systems Manager
https://aws.amazon.com/compliance/shared-responsibility-model/