This course will give you a detailed overview of using AWS security services training to stay secure in the AWS Cloud. The AWS Certified Security – Specialty exam is intended for individuals who perform a security role. The exam validates a candidate’s ability to effectively demonstrate knowledge about securing the AWS platform.
- The exam also validates whether a candidate has the following:
- An understanding of specialized data classifications and AWS data protection mechanisms
- An understanding of data-encryption methods and AWS mechanisms to implement them
- An understanding of secure internet protocols and AWS mechanisms to implement them
- A working knowledge of AWS security services and features of services to provide a secure production environment
- Competency from 2 or more years of production deployment experience in using AWS security services and features
- The ability to make tradeoff decisions with regard to cost, security, and deployment complexity to meet a set of application requirements An understanding of security operations and risks
- Exam Duration: 170 Minutes
- Number of Questions: 65
- Exam Format: Multiple Choice and Multiple Answer Type Exam
- Passing Score:75-80%
We recommend that attendees of this course have the following prerequisites
- AWS Cloud Practitioner
- AWS Security Fundamentals
- Architecting on AWS
- Working knowledge of IT security practices and infrastructure concepts
- Familiarity with cloud computing concepts
- Security engineers
- Security architects
- Information security
- Domain 1: Incident Response 12%
- Domain 2: Logging and Monitoring
- 20% Domain 3: Infrastructure Security 26%
- Domain 4: Identity and Access Management 20%
- Domain 5: Data Protection 22%
Domain 1: Incident Response
- 1.1 Given an AWS abuse notice, evaluate the suspected compromised instance or exposed access keys.
- Verify that the Incident Response plan includes relevant AWS services
- Evaluate the configuration of automated alerting, and execute possible remediation of securityrelated incidents and emerging issues
- Workforce Planning & Employment
Domain 2: Logging and Monitoring
- 2.1 Design and implement security monitoring and alerting
- 2.2 Troubleshoot security monitoring and alerting.
- 2.3 Design and implement a logging solution.
- 2.4 Troubleshoot logging solutions
Domain 3: Infrastructure Security
- 3.1 Design edge security on AWS
- 3.2 Design and implement a secure network infrastructure
- 3.3 Troubleshoot a secure network infrastructure.
- 3.4 Design and implement host-based security
Domain 4: Identity and Access Management
- 4.1 Design and implement a scalable authorization and authentication system to access AWS resources
- 4.2 Troubleshoot an authorization and authentication system to access AWS resources.
- 5 step improvement process
Domain 5: Data Protection
- 5.1 Design and implement key management and use
- 5.2 Troubleshoot key management
- 5.3 Design and implement a data encryption solution for data at rest and data in transit