English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 3h 06m | 402 MB
Regulations like GDPR have made security a top priority for every organization. Luckily, Amazon Web Services offers a plethora of tools for securing cloud-based architecture. This course teaches IT pros how to use AWS advanced security services, techniques, and tools to protect their users, data, apps, and infrastructure. Instructor Lynn Langit begins with the core tasks and services: setting up the AWS root account, billing, and tagging. She then shows how to set up strong authentication with AWS Identity and Access Management (IAM), Config, Simple AD, and full-fledged Active Directory. She covers infrastructure protection with VPC objects such as subnets, and data protection with KMS and Macie. Finally, she reviews security requirements for different application architectures and the associated AWS security solutions.
Note: This course can also be used to prepare for the corresponding domain of the AWS Certified Solutions Architect (Professional) exam.
Topics include:
- Five principals of well-architected security solutions
- Core AWS account tools and IAM objects
- Implementing IAM
- Implementing infrastructure protection
- Implementing data protection
- Implementing app security
- Preparing for a security audit
Table of Contents
Introduction
1 Welcome
2 What you should know
3 About using cloud services
Implement Core Security Tasks
4 AWS Shared Security Responsibility Model overview
5 Well-architected five security principles
6 Core AWS account tools
7 Core AWS IAM objects
8 AWS organizations and root account
9 Object tagging
10 Billing management
11 CloudWatch logs and alerts
12 CloudTrail analysis with Athena
13 Trusted Advisor security alerts
Implement Identity and Access Management
14 IAM users and groups
15 IAM policies
16 IAM roles
17 Design user authentication
18 User authentication using AWS Simple AD
19 Secure authentication with Cognito
20 Secure user authentication using AD Federation
Implement Infrastructure Protection
21 Infrastructure and threat models
22 VPC and security groups
23 VPC Flow Logs and GuardDuty
24 Certificate Manager and WAF to secure load balancers
25 Inspector to monitor EC2 configurations
26 Config for locking service deployment
27 Service Catalog for AMI deployment
28 Systems Manager for OS management
Implement Data Protection
29 Data classification and protection
30 Use Macie to locate sensitive data
31 Encryption on AWS
32 AWS IAM Key Management Service
33 Data protection at rest in S3
34 Encrypt data in transit and VPC endpoints
35 Data backup replication and recovery
Implement Application Security
36 Application security concerns
37 Secure a serverless website
38 Secure a dynamic website
39 Secure an internal business application
40 Secure a big data pipeline
41 Secure an IoT and machine learning application
42 Prepare for a security audit
Conclusion
43 Next steps
Resolve the captcha to access the links!