Amazon Web Services: Data Security

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 3h 46m | 456 MB

Learn best practices, patterns, and processes for designing and implementing data security with the Amazon Web Services (AWS) cloud. This course can also help to prepare you for the AWS Certified Solutions Architect – Associate exam. Your instructor, Lynn Langit, covers how to use AWS design patterns, tools, and best practices for security, governance, and validation of data used in AWS Identity and Access Management (IAM), Virtual Private Cloud (VPC), and Route 53. She also goes over other AWS tools, such as AWS CloudWatch, CloudTrail, and Inspector; explores encryption concepts; looks at working with security scenarios; and reviews common patterns and practices for implementing disaster recovery processes.

Topics include:

  • Core AWS security design concepts
  • Designing using a data flow diagram
  • Using negative use cases
  • Working with IAM user and role objects
  • Design concepts for encryption
  • Design encryption with AWS Key Management Service
  • Third-party data security tools
  • Designing for disaster recovery services

Table of Contents

Introduction
1 Welcome
2 About using cloud services
3 How to use the exercise files

Design Concepts for Security
4 AWS data security design concepts
5 Understand the AWS shared security model
6 Design using a data flow diagram
7 Use negative use cases
8 Design using a threat model

Design Security with AWS Services
9 Core AWS security services
10 Design security with IAM – Users and roles
11 IAM root account
12 Design security with IAM – Policies
13 Security with CloudWatch and CloudTrail
14 Design security for EC2 with Inspector
15 Design security for EC2 with WAF
16 Design security for VPC

Design Concepts for Encryption
17 Understanding encryption
18 Understanding encryption keys
19 Client-side vs. server-side encryption
20 Encryption at rest and in transit
21 Design PCI DSS requirements
22 Encryption concepts summary

Design Encryption with AWS Services
23 What is a customer master key (CMK)
24 Design encryption with KMS
25 Use KMS
26 Understand KMS policies and key caching
27 Understand CloudHSM
28 Identify sensitive data using AWS Macie
29 Design encryption with S3 for files
30 Design encryption for RDS data
31 Design encryption for EC2 EBS volumes
32 Design encryption for IoT devices
33 Encryption with Certificate Manager

Security Scenarios and Tradeoffs
34 Third-party data security tools
35 AWS cloud compliance
36 Scenario 1 – Public website security
37 Scenario 2 – Data pipeline security
38 Scenario 3 – Data lake security
39 Scenario 4 – IoT application security
40 Summary of AWS security practices

Design for Disaster Recovery Services
41 Disaster recovery areas and metrics
42 Disaster recovery patterns for data
43 Recover EC2 with EBS and more
44 Recover data with AWS Import/Export
45 Extend backups via Storage Gateway
46 Recover DNS with Route 53
47 Disaster recovery practices

Conclusion
48 Next steps