Securing AWS: Data Protection
Securing AWS: Data Protection
- identify the subject areas covered in this course
- describe AWS cryptography basics
- configure access keys and key pairs
- compare client-side and server-side encryption
- describe AWS KMS
- describe AWS Certificate Manager
- define CloudHSM
- list attributes of cryptographic hashing, options for encrypting an S3 bucket object, and security services provided by digital signatures
There are a number of mechanisms in Amazon Web Services for securing data-at-rest and data-in-transit. Explore topics including cryptography basics, access keys and pairs, client-side vs. server-side encryption, AWS KMS, Certificate Manager, and CloudHSM.
Securing AWS: Fundamentals
Securing AWS: Fundamentals
- discover the key concepts covered in this course
- describe the AWS Shared Responsibility Model
- recognize the CIA triad
- describe control types and categories
- identify core AWS services
- specify common threats to AWS
- describe AWS compliance services
- describe the Shared Responsibility Model, security services and controls, core AWS services and threats, and AWS compliance
Examine foundational topics for securing Amazon Web Services, such as the shared responsibility model, security basics, core AWS services and related threats, and compliance.
Securing AWS: Identity & Access Management
Securing AWS: Identity & Access Management
- discover the key concepts covered in this course
- describe root account security
- compare credentials, passwords, and access keys
- configure the AWS CLI
- describe how a bastion host is used
- configure the AWS Identity and Access Management (IAM) service
- define IAM managed policies
- describe root account security, credentials, AWS CLI, bastions, and AWS Identity and Access Management (IAM)
Discover how to apply best practices to the new Amazon Web Sservices root account and examine credentials, passwords, and access key usage. Identity and Access Management (IAM) topics such as users, groups, roles, and managed policies are also covered.
Securing AWS: Infrastructure Security
Securing AWS: Infrastructure Security
- identify the subject areas covered in this course
- design a secure virtual private cloud
- configure network ACLs
- configure security groups for Linux instances
- configure security groups for Windows instances
- describe AWS WAF
- describe AWS Shield and AWS Inspector
- define AWS GuardDuty
- configure a managed site-to-site VPN
- define AWS SSO and AWS Cognito
- describe secure VPC design, NACLs, security groups, AWS WAF, AWS Shield and Inspector, Site-to-Site VPN, AWS SSO, and AWS Cognito
Explore a variety of Amazon Web Services features that can help the consumer protect cloud infrastructures and resources, including NACLs, security groups, and Web Application Firewalls.