INTRODUCTION & SCENARIO
-
Public Introduction (6:00)
-
Finding and Using the Course Resources (14:31)
-
Site tools and features (9:17)
-
Scenario - Animals4life (13:28)
-
Connect with other students and your instructor (3:10)
-
Course Upgrades (if you ever want to upgrade)
-
SHARED LESSONS [SHAREDALL] [ASSOCIATESHARED] etc...
-
SPECIAL OFFERS !!! READ ME
Course Fundamentals and AWS Accounts
-
AWS Accounts - The Basics (11:33)
-
[Updated 202204] [DEMO] Creating an AWS Account (20:17)
-
Multi-factor Authentication (MFA) (8:25)
-
[Updated 202204] [DEMO] Securing An AWS Account (9:49)
-
[Updated 202204] [DEMO] Creating a Budget (7:14)
-
[DOITYOURSELF] Creating the Production Account (4:59)
-
Identity and Access Management (IAM) Basics (13:01)
-
[Updated 202204] Adding an IAM Admin - GENERAL ACCOUNT (12:37)
-
[Updated 202204] Adding an IAM Admin User - PRODUCTION ACCOUNT (7:33)
-
IAM Access Keys (7:10)
-
[DEMO] Creating Access keys and setting up AWS CLI v2 tools [UI UPDATE NEEDED] (17:24)
Tech Fundamentals [KEEP CHECKING - NEW LESSONS ADDED FREQUENTLY]
-
YAML101 - YAML AINT MARKUP LANGUAGE (9:55)
-
JSON101 - JavaScript Object Notation (7:32)
-
Network Starter Pack - 0 - INTRO (5:01)
-
Network Starter Pack - 1 - PHYSICAL (10:00)
-
Network Starter Pack - 2 - Data Link - Part 1 (8:47)
-
Network Starter Pack - 2 - Data Link - Part 2 (14:24)
-
Decimal to Binary Conversion (IP Addressing) (17:19)
-
Network Starter Pack - 3 - Network - Part 1 (12:06)
-
Network Starter Pack - 3 - Network - Part 2 (19:13)
-
Network Starter Pack - 3 - Network - Part 3 (15:21)
-
Network Starter Pack - 4&5 - Transport/Session - Part 1 (15:39)
-
Network Starter Pack - 4&5 - Transport/Session - Part 2 (14:16)
-
Network Starter Pack - EXTRA - Network Address Translation - PART1 (11:00)
-
Network Starter Pack - EXTRA - Network Address Translation - PART2 (9:38)
-
Network Starter Pack - EXTRA - Subnetting - PART1 (14:35)
-
Network Starter Pack - EXTRA - Subnetting - PART2 (10:33)
-
Distributed Denial of Service (DDoS) attack (14:38)
-
Encryption 101 - PART1 (13:56)
-
Encryption 101 - PART2 (6:42)
-
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) (11:41)
-
VLANS, Trunks & Q-in-Q (16:44)
-
Hash Functions & Hashing (13:19)
-
Digital Signatures (9:26)
-
DNS 101 Miniseries #1 - What does DNS do (2:56)
-
DNS 101 Miniseries #2 - Why does DNS need a complex architecture (13:19)
-
DNS 101 Miniseries #3 - How DNS actually works ... walking the tree (8:46)
-
DNS 101 Miniseries #4 - What happens when a domain is registered? (4:27)
-
DNS 101 Miniseries #5 - Why do we need DNSSEC (11:08)
-
DNS 101 Miniseries #6 - How DNSSEC Works within a Zone (17:34)
-
DNS 101 Miniseries #7 - DNSSEC Chain of Trust (8:16)
-
DNS 101 Miniseries #8 - DNSSEC Root Signing Ceremony (7:53)
-
Recovery Point Objective (RPO) and Recovery Time Objective (RTO) (16:54)
Domain 4: Identity and Access Management
-
[ASSOCIATESHARED] IAM Identity Policies (15:51)
-
[ASSOCIATESHARED] IAM Users and ARNs (13:49)
-
[ASSOCIATESHARED] IAM Groups (7:48)
-
[ASSOCIATESHARED] IAM Roles - The Tech (8:13)
-
[ASSOCIATESHARED] When to use IAM Roles (15:27)
-
Service-linked Roles and PassRole (5:16)
-
Security Token Service (STS) (6:53)
-
[ASSOCIATESHARED] EC2 Instance Roles & Profile (4:18)
-
Revoking IAM Role Temporary Security Credentials (9:23)
-
[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART1 (12:12)
-
[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART2 (10:20)
-
AWS Organizations (12:56)
-
[202204UPDATE] [DEMO] AWS Organizations - PART1 (7:00)
-
[202204UPDATE] [DEMO] AWS Organizations - PART2 (13:55)
-
Service Control Policies (SCP) (12:43)
-
[UPDATE202205] [DEMO] Using Service Control Policies (16:45)
-
IAM Policy Variables (4:58)
-
Policy Interpretation Deep Dive - Example 1 (10:23)
-
Policy Interpretation Deep Dive - Example 2 (9:11)
-
Policy Interpretation Deep Dive - Example 3 (10:59)
-
AWS Permissions Evaluation (10:25)
-
[THEORY&WALKTHROUGH] IAM Permissions Boundaries and Delegation (17:28)
-
External ID … confused deputy (9:07)
-
Directory Service Deep Dive (Microsoft AD) (10:11)
-
Directory Service Deep Dive (AD Connector) (7:37)
-
What is ID Federation? (6:08)
-
Amazon Cognito - User and Identity Pools (14:44)
-
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART1 (7:26)
-
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART2 (7:16)
-
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART3 (8:14)
-
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART4 (12:29)
-
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART5 (2:43)
-
SAML Federation (this is the old way of doing things, but you need to know the architecture) (12:21)
-
IAM Identity Center (formally AWS SSO) (9:32)
-
[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART1 (14:53)
-
[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART2 (12:23)
-
[202204UPDATE] [ASSOCIATESHARED] S3 PreSigned URLs (11:11)
-
[SHAREDALL] [DEMO] Creating and using PresignedURLs (19:25)
-
[ASSOCIATESHARED] S3 Security (Resource Policies & ACLs) (18:19)
-
S3 Object Lock (9:52)
-
S3 Versioning & MFA (7:41)
-
[202205UPDATE] [DEMO] Cross Account Access to S3 - SETUP - STAGE1 (4:29)
-
[202205UPDATE] [DEMO] Cross Account Access to S3 - ACL - STAGE2 (9:39)
-
[202205UPDATE] [DEMO] Cross Account Access to S3 - BUCKET POLICY - STAGE3 (9:38)
-
[202205UPDATE] [DEMO] Cross Account Access to S3 - ROLE - STAGE4 (8:17)
-
EC2 Instance Metadata (15:46)
-
AWS Control Tower (15:42)
Domain 3: Infrastructure Security
-
Public and Private AWS Services (7:04)
-
[SHAREDALL] Custom VPCs - PART1 - THEORY (10:10)
-
[SHAREDALL] [DEMO] Custom VPCs - PART2 - DEMO (5:40)
-
[ASSOCIATESHARED] VPC Subnets (10:42)
-
[SHAREDALL] [DEMO] Implement multi-tier VPC subnets (15:24)
-
DHCP in a VPC (7:02)
-
VPC Router Deep Dive (13:21)
-
Stateful vs Stateless firewalls (14:25)
-
Network Access Control lists (NACL) (12:38)
-
Security Groups (SG) (11:48)
-
Internet Gateway (IGW) Ipv4 and IPv6 (15:52)
-
Egress Only Internet gateway (6:46)
-
Bastion Hosts & Authentication (6:16)
-
[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART1 (14:09)
-
[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART2 (11:43)
-
Port Forwarding (3:33)
-
Nat Instance (9:41)
-
Nat Gateway (15:24)
-
[202207UPDATE] [ASSOCIATESHARED] [DEMO] Implementing private internet access using NAT Gateways (19:27)
-
IP Sec VPN Fundamentals (14:54)
-
Virtual Private Gateway Deep Dive (VGW) (8:04)
-
[REFRESHER] AWS Site-to-Site VPN (18:05)
-
[DEMO] Simple Site2Site VPN - STAGE0 - SETUP (4:52)
-
[DEMO] Simple Site2Site VPN - STAGE1 - AWS VPN (10:01)
-
[DEMO] Simple Site2Site VPN - STAGE2 - onprep pfSense Config (17:09)
-
[DEMO] Simple Site2Site VPN - STAGE3 - Routing & Security (10:29)
-
[DEMO] Simple Site2Site VPN - STAGE4 - Testing (5:42)
-
[DEMO] Simple Site2Site VPN - STAGE5 - Cleanup (1:50)
-
Client VPN (6:31)
-
Gateway VPC Endpoints (11:14)
-
Interface VPC Endpoints (11:25)
-
[SHAREDALL] [DEMO] VPC Endpoints - Gateway - PART1 (12:31)
-
[SHAREDALL] [DEMO] VPC Endpoints - Interface - PART2 (17:22)
-
[SHAREDALL] [DEMO] Egress-Only Internet Gateway - PART3 (10:24)
-
Endpoint Policies (12:11)
-
[202207UPDATE][DEMO] Private S3 Buckets - PART1 - SETUP (8:15)
-
[202207UPDATE][DEMO] Private S3 Buckets - PART2 (17:02)
-
Advanced VPC DNS & DNS Endpoints (15:01)
-
VPC Peering (9:04)
-
[DEMO] VPC Peering (22:38)
-
EBS Encryption Architecture (8:22)
-
[ASSOCIATESHARED] [DEMO] EBS Volumes - PART1 (16:59)
-
[ASSOCIATESHARED] [DEMO] EBS Volumes - PART2 (14:22)
-
[ASSOCIATESHARED] [DEMO] EBS Volumes - PART3 (14:29)
-
EBS Volume Secure wipes (4:12)
-
S3 Access Points (5:52)
-
CloudFront - Architecture (14:56)
-
AWS Certificate Manager (ACM) (11:21)
-
CloudFront - SSL/TLS & SNI (14:59)
-
CloudFront - Security - OAI & Custom Origins (8:50)
-
CloudFront - Georestrictions (9:40)
-
CloudFront - Private Behaviours, Signed URL & Cookies (7:49)
-
CloudFront - Field Level Encryption (9:00)
-
[email protected] (8:03)
-
DDOS 101 (14:38)
-
AWS Shield (9:47)
-
[202207UPDATE] AWS Network Firewall - 101 (14:18)
-
Implementing DNSSEC using Route53 (17:43)
Domain 2: Logging and Monitoring
-
Cloudwatch 101 - PART1 (9:44)
-
Cloudwatch 101 - PART2 (9:19)
-
CloudWatch Logs Architecture (13:44)
-
CloudWatch Events and EventBridge (6:54)
-
S3 Events (4:32)
-
[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART1 (18:03)
-
[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART2 (17:43)
-
SNS Architecture (7:49)
-
AWS Security Hub (5:02)
-
Amazon Inspector (6:28)
-
AWS Trusted Advisor (8:54)
-
AWS Config (6:13)
-
VPC Flow Logs (9:56)
-
Application Layer (7) Firewalls (7:44)
-
Web Application Firewall (WAF), WEBACLs, Rule Groups and Rules (19:18)
-
[ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART1 (12:25)
-
[ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART2 (9:07)
-
CloudTrail Architecture (11:40)
-
[202205UPDATE] [UPDATED][DEMO] Implementing an Organizational Trail (18:26)
-
CloudTrail log file integrity validation (6:28)
-
AWS Athena 101 (8:19)
-
[DEMO] Athena Demo - PART1 (13:31)
-
[DEMO] Athena Demo - PART2 (11:37)
-
Amazon Macie 101 (12:04)
-
AWS Glue 101 (6:23)
-
AWS Artifact (1:47)
Domain 5: Data Protection
-
What is a hardware security Module (HSM) (6:40)
-
AWS Key Management Service (KMS) 101 (18:38)
-
CloudHSM (14:36)
-
S3 Object Encryption - PART1 (10:09)
-
S3 Object Encryption - PART2 (11:30)
-
[202207UPDATE] [SHAREDALL] [DEMO] Object Encryption and Role Separation (17:07)
-
Envelope Encryption (8:06)
-
Bucket Keys (5:59)
-
AWS Managed Keys vs Customer managed Keys (6:45)
-
[202207UPDATE] [SHAREDALL] [DEMO] KMS - Encrypting the battleplans with KMS (12:43)
-
Importing Key Material vs Generated Key Material (7:37)
-
Asymmetric keys in KMS (3:25)
-
Digital Signing using KMS (4:16)
-
Encryption SDK - Data Key Caching (6:27)
-
KMS security Model & Key Policies (5:51)
-
KMS Grants (7:16)
-
KMS Multi-region keys (5:29)
-
CloudHSM vs KMS (3:22)
-
KMS Custom Key Stores (4:49)
-
AWS Secrets Manager 101 (7:44)
-
RDS Encryption & IAM Authentication (7:03)
-
DynamoDB Encryption (5:21)
-
KMS encryption context (8:13)
-
[SHAREDALL] Elastic Load Balancer Architecture - PART1 (10:18)
-
Elastic Load Balancer Architecture (ELB) - PART2 (12:32)
-
[SHAREDALL] Application Load balancing (ALB) vs Network Load Balancing (NLB) (16:20)
-
ELB : SSL Offload and Session Stickiness (12:11)
-
[SHAREDALL] [DEMO] Seeing Session Stickiness in Action (12:57)
-
Load Balancer Security Policies (3:28)
Domain 1: Incident Response
EXAM PREP
-
General AWS Exam Technique - 3 Phase Approach (8:56)
-
[SHAREDALL] General AWS Question Technique - PART1 (14:12)
-
General AWS Question Technique - PART2 (9:01)
-
Exam Question Walkthrough #1 (8:16)
-
Exam Question Walkthrough #2 (4:53)
-
Practice Exam #1 - PART1 (1-20)
-
Practice Exam #1 - PART2 (21-40)
-
Practice Exam #1 - PART3 (41-60)
FINISHING UP
