Autoplay
Autocomplete
Previous Lecture
Complete and Continue
AWS Certified Security - Specialty
INTRODUCTION & SCENARIO
Public Introduction (6:00)
Finding and Using the Course Resources (14:31)
Site tools and features (9:17)
Scenario - Animals4life (13:28)
Connect with other students and your instructor (3:10)
Course Upgrades (if you ever want to upgrade)
SHARED LESSONS [SHAREDALL] [ASSOCIATESHARED] etc...
SPECIAL OFFERS !!! READ ME
Course Fundamentals and AWS Accounts
AWS Accounts - The Basics (11:33)
[Updated 202204] [DEMO] Creating an AWS Account (20:17)
Multi-factor Authentication (MFA) (8:25)
[Updated 202204] [DEMO] Securing An AWS Account (9:49)
[Updated 202204] [DEMO] Creating a Budget (7:14)
[DOITYOURSELF] Creating the Production Account (4:59)
Identity and Access Management (IAM) Basics (13:01)
[Updated 202204] Adding an IAM Admin - GENERAL ACCOUNT (12:37)
[Updated 202204] Adding an IAM Admin User - PRODUCTION ACCOUNT (7:33)
IAM Access Keys (7:10)
[DEMO] Creating Access keys and setting up AWS CLI v2 tools [UI UPDATE NEEDED] (17:24)
Tech Fundamentals [KEEP CHECKING - NEW LESSONS ADDED FREQUENTLY]
YAML101 - YAML AINT MARKUP LANGUAGE (9:55)
JSON101 - JavaScript Object Notation (7:32)
Network Starter Pack - 0 - INTRO (5:01)
Network Starter Pack - 1 - PHYSICAL (10:00)
Network Starter Pack - 2 - Data Link - Part 1 (8:47)
Network Starter Pack - 2 - Data Link - Part 2 (14:24)
Decimal to Binary Conversion (IP Addressing) (17:19)
Network Starter Pack - 3 - Network - Part 1 (12:06)
Network Starter Pack - 3 - Network - Part 2 (19:13)
Network Starter Pack - 3 - Network - Part 3 (15:21)
Network Starter Pack - 4&5 - Transport/Session - Part 1 (15:39)
Network Starter Pack - 4&5 - Transport/Session - Part 2 (14:16)
Network Starter Pack - EXTRA - Network Address Translation - PART1 (11:00)
Network Starter Pack - EXTRA - Network Address Translation - PART2 (9:38)
Network Starter Pack - EXTRA - Subnetting - PART1 (14:35)
Network Starter Pack - EXTRA - Subnetting - PART2 (10:33)
Distributed Denial of Service (DDoS) attack (14:38)
Encryption 101 - PART1 (13:56)
Encryption 101 - PART2 (6:42)
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) (11:41)
VLANS, Trunks & Q-in-Q (16:44)
Hash Functions & Hashing (13:19)
Digital Signatures (9:26)
DNS 101 Miniseries #1 - What does DNS do (2:56)
DNS 101 Miniseries #2 - Why does DNS need a complex architecture (13:19)
DNS 101 Miniseries #3 - How DNS actually works ... walking the tree (8:46)
DNS 101 Miniseries #4 - What happens when a domain is registered? (4:27)
DNS 101 Miniseries #5 - Why do we need DNSSEC (11:08)
DNS 101 Miniseries #6 - How DNSSEC Works within a Zone (17:34)
DNS 101 Miniseries #7 - DNSSEC Chain of Trust (8:16)
DNS 101 Miniseries #8 - DNSSEC Root Signing Ceremony (7:53)
Recovery Point Objective (RPO) and Recovery Time Objective (RTO) (16:54)
Domain 4: Identity and Access Management
[ASSOCIATESHARED] IAM Identity Policies (15:51)
[ASSOCIATESHARED] IAM Users and ARNs (13:49)
[ASSOCIATESHARED] IAM Groups (7:48)
[ASSOCIATESHARED] IAM Roles - The Tech (8:13)
[ASSOCIATESHARED] When to use IAM Roles (15:27)
Service-linked Roles and PassRole (5:16)
Security Token Service (STS) (6:53)
[ASSOCIATESHARED] EC2 Instance Roles & Profile (4:18)
Revoking IAM Role Temporary Security Credentials (9:23)
[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART1 (12:12)
[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART2 (10:20)
AWS Organizations (12:56)
[202204UPDATE] [DEMO] AWS Organizations - PART1 (7:00)
[202204UPDATE] [DEMO] AWS Organizations - PART2 (13:55)
Service Control Policies (SCP) (12:43)
[UPDATE202205] [DEMO] Using Service Control Policies (16:45)
IAM Policy Variables (4:58)
Policy Interpretation Deep Dive - Example 1 (10:23)
Policy Interpretation Deep Dive - Example 2 (9:11)
Policy Interpretation Deep Dive - Example 3 (10:59)
AWS Permissions Evaluation (10:25)
[THEORY&WALKTHROUGH] IAM Permissions Boundaries and Delegation (17:28)
External ID … confused deputy (9:07)
Directory Service Deep Dive (Microsoft AD) (10:11)
Directory Service Deep Dive (AD Connector) (7:37)
What is ID Federation? (6:08)
Amazon Cognito - User and Identity Pools (14:44)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART1 (7:26)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART2 (7:16)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART3 (8:14)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART4 (12:29)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART5 (2:43)
SAML Federation (this is the old way of doing things, but you need to know the architecture) (12:21)
IAM Identity Center (formally AWS SSO) (9:32)
[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART1 (14:53)
[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART2 (12:23)
[202204UPDATE] [ASSOCIATESHARED] S3 PreSigned URLs (11:11)
[SHAREDALL] [DEMO] Creating and using PresignedURLs (19:25)
[ASSOCIATESHARED] S3 Security (Resource Policies & ACLs) (18:19)
S3 Object Lock (9:52)
S3 Versioning & MFA (7:41)
[202205UPDATE] [DEMO] Cross Account Access to S3 - SETUP - STAGE1 (4:29)
[202205UPDATE] [DEMO] Cross Account Access to S3 - ACL - STAGE2 (9:39)
[202205UPDATE] [DEMO] Cross Account Access to S3 - BUCKET POLICY - STAGE3 (9:38)
[202205UPDATE] [DEMO] Cross Account Access to S3 - ROLE - STAGE4 (8:17)
EC2 Instance Metadata (15:46)
AWS Control Tower (15:42)
Domain 3: Infrastructure Security
Public and Private AWS Services (7:04)
[SHAREDALL] Custom VPCs - PART1 - THEORY (10:10)
[SHAREDALL] [DEMO] Custom VPCs - PART2 - DEMO (5:40)
[ASSOCIATESHARED] VPC Subnets (10:42)
[SHAREDALL] [DEMO] Implement multi-tier VPC subnets (15:24)
DHCP in a VPC (7:02)
VPC Router Deep Dive (13:21)
Stateful vs Stateless firewalls (14:25)
Network Access Control lists (NACL) (12:38)
Security Groups (SG) (11:48)
Internet Gateway (IGW) Ipv4 and IPv6 (15:52)
Egress Only Internet gateway (6:46)
Bastion Hosts & Authentication (6:16)
[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART1 (14:09)
[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART2 (11:43)
Port Forwarding (3:33)
Nat Instance (9:41)
Nat Gateway (15:24)
[202207UPDATE] [ASSOCIATESHARED] [DEMO] Implementing private internet access using NAT Gateways (19:27)
IP Sec VPN Fundamentals (14:54)
Virtual Private Gateway Deep Dive (VGW) (8:04)
[REFRESHER] AWS Site-to-Site VPN (18:05)
[DEMO] Simple Site2Site VPN - STAGE0 - SETUP (4:52)
[DEMO] Simple Site2Site VPN - STAGE1 - AWS VPN (10:01)
[DEMO] Simple Site2Site VPN - STAGE2 - onprep pfSense Config (17:09)
[DEMO] Simple Site2Site VPN - STAGE3 - Routing & Security (10:29)
[DEMO] Simple Site2Site VPN - STAGE4 - Testing (5:42)
[DEMO] Simple Site2Site VPN - STAGE5 - Cleanup (1:50)
Client VPN (6:31)
Gateway VPC Endpoints (11:14)
Interface VPC Endpoints (11:25)
[SHAREDALL] [DEMO] VPC Endpoints - Gateway - PART1 (12:31)
[SHAREDALL] [DEMO] VPC Endpoints - Interface - PART2 (17:22)
[SHAREDALL] [DEMO] Egress-Only Internet Gateway - PART3 (10:24)
Endpoint Policies (12:11)
[202207UPDATE][DEMO] Private S3 Buckets - PART1 - SETUP (8:15)
[202207UPDATE][DEMO] Private S3 Buckets - PART2 (17:02)
Advanced VPC DNS & DNS Endpoints (15:01)
VPC Peering (9:04)
[DEMO] VPC Peering (22:38)
EBS Encryption Architecture (8:22)
[ASSOCIATESHARED] [DEMO] EBS Volumes - PART1 (16:59)
[ASSOCIATESHARED] [DEMO] EBS Volumes - PART2 (14:22)
[ASSOCIATESHARED] [DEMO] EBS Volumes - PART3 (14:29)
EBS Volume Secure wipes (4:12)
S3 Access Points (5:52)
CloudFront - Architecture (14:56)
AWS Certificate Manager (ACM) (11:21)
CloudFront - SSL/TLS & SNI (14:59)
CloudFront - Security - OAI & Custom Origins (8:50)
CloudFront - Georestrictions (9:40)
CloudFront - Private Behaviours, Signed URL & Cookies (7:49)
CloudFront - Field Level Encryption (9:00)
[email protected]
(8:03)
DDOS 101 (14:38)
AWS Shield (9:47)
[202207UPDATE] AWS Network Firewall - 101 (14:18)
Implementing DNSSEC using Route53 (17:43)
Domain 2: Logging and Monitoring
Cloudwatch 101 - PART1 (9:44)
Cloudwatch 101 - PART2 (9:19)
CloudWatch Logs Architecture (13:44)
CloudWatch Events and EventBridge (6:54)
S3 Events (4:32)
[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART1 (18:03)
[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART2 (17:43)
SNS Architecture (7:49)
AWS Security Hub (5:02)
Amazon Inspector (6:28)
AWS Trusted Advisor (8:54)
AWS Config (6:13)
VPC Flow Logs (9:56)
Application Layer (7) Firewalls (7:44)
Web Application Firewall (WAF), WEBACLs, Rule Groups and Rules (19:18)
[ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART1 (12:25)
[ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART2 (9:07)
CloudTrail Architecture (11:40)
[202205UPDATE] [UPDATED][DEMO] Implementing an Organizational Trail (18:26)
CloudTrail log file integrity validation (6:28)
AWS Athena 101 (8:19)
[DEMO] Athena Demo - PART1 (13:31)
[DEMO] Athena Demo - PART2 (11:37)
Amazon Macie 101 (12:04)
AWS Glue 101 (6:23)
AWS Artifact (1:47)
Domain 5: Data Protection
What is a hardware security Module (HSM) (6:40)
AWS Key Management Service (KMS) 101 (18:38)
CloudHSM (14:36)
S3 Object Encryption - PART1 (10:09)
S3 Object Encryption - PART2 (11:30)
[202207UPDATE] [SHAREDALL] [DEMO] Object Encryption and Role Separation (17:07)
Envelope Encryption (8:06)
Bucket Keys (5:59)
AWS Managed Keys vs Customer managed Keys (6:45)
[202207UPDATE] [SHAREDALL] [DEMO] KMS - Encrypting the battleplans with KMS (12:43)
Importing Key Material vs Generated Key Material (7:37)
Asymmetric keys in KMS (3:25)
Digital Signing using KMS (4:16)
Encryption SDK - Data Key Caching (6:27)
KMS security Model & Key Policies (5:51)
KMS Grants (7:16)
KMS Multi-region keys (5:29)
CloudHSM vs KMS (3:22)
KMS Custom Key Stores (4:49)
AWS Secrets Manager 101 (7:44)
RDS Encryption & IAM Authentication (7:03)
DynamoDB Encryption (5:21)
KMS encryption context (8:13)
[SHAREDALL] Elastic Load Balancer Architecture - PART1 (10:18)
Elastic Load Balancer Architecture (ELB) - PART2 (12:32)
[SHAREDALL] Application Load balancing (ALB) vs Network Load Balancing (NLB) (16:20)
ELB : SSL Offload and Session Stickiness (12:11)
[SHAREDALL] [DEMO] Seeing Session Stickiness in Action (12:57)
Load Balancer Security Policies (3:28)
Domain 1: Incident Response
AWS Abuse Notice, UAP & Penetration Testing (7:18)
AWS Guardduty 101 (4:14)
Amazon Detective (3:12)
EXAM PREP
General AWS Exam Technique - 3 Phase Approach (8:56)
[SHAREDALL] General AWS Question Technique - PART1 (14:12)
General AWS Question Technique - PART2 (9:01)
Exam Question Walkthrough #1 (8:16)
Exam Question Walkthrough #2 (4:53)
Practice Exam #1 - PART1 (1-20)
Practice Exam #1 - PART2 (21-40)
Practice Exam #1 - PART3 (41-60)
FINISHING UP
Thanks and a Favour (3:15)
Teach online with
SAML Federation (this is the old way of doing things, but you need to know the architecture)
Lecture content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock