Autoplay
Autocomplete
Previous Lecture
Complete and Continue
AWS Certified Security - Specialty
INTRODUCTION & SCENARIO
Public Introduction (6:00)
Finding and Using the Course Resources (14:31)
Site tools and features (9:17)
Scenario - Animals4life (13:28)
Connect with other students and your instructor
Course Upgrades (if you ever want to upgrade)
SHARED LESSONS [SHAREDALL] [ASSOCIATESHARED] etc...
Course Fundamentals and AWS Accounts
AWS Accounts - The Basics (11:33)
[Updated 202204] [DEMO] Creating an AWS Account (20:17)
Multi-factor Authentication (MFA) (8:25)
[Updated 202204] [DEMO] Securing An AWS Account (9:49)
[Updated 202204] [DEMO] Creating a Budget (7:14)
[DOITYOURSELF] Creating the Production Account (4:59)
Identity and Access Management (IAM) Basics (13:01)
[Updated 202204] Adding an IAM Admin - GENERAL ACCOUNT (12:37)
[Updated 202204] Adding an IAM Admin User - PRODUCTION ACCOUNT (7:33)
IAM Access Keys (7:10)
[DEMO] Creating Access keys and setting up AWS CLI v2 tools [UI UPDATE NEEDED] (17:24)
Tech Fundamentals [KEEP CHECKING - NEW LESSONS ADDED FREQUENTLY]
YAML101 - YAML AINT MARKUP LANGUAGE (9:55)
JSON101 - JavaScript Object Notation (7:32)
Network Starter Pack - 0 - INTRO (5:00)
Network Starter Pack - 1 - PHYSICAL (9:59)
Network Starter Pack - 2 - Data Link - Part 1 (8:47)
Network Starter Pack - 2 - Data Link - Part 2 (14:24)
Decimal to Binary Conversion (IP Addressing) (17:19)
Network Starter Pack - 3 - Network - Part 1 (12:06)
Network Starter Pack - 3 - Network - Part 2 (19:13)
Network Starter Pack - 3 - Network - Part 3 (15:21)
Network Starter Pack - 4&5 - Transport/Session - Part 1 (15:39)
Network Starter Pack - 4&5 - Transport/Session - Part 2 (14:16)
Network Starter Pack - EXTRA - Network Address Translation - PART1 (11:00)
Network Starter Pack - EXTRA - Network Address Translation - PART2 (9:38)
Network Starter Pack - EXTRA - Subnetting - PART1 (14:35)
Network Starter Pack - EXTRA - Subnetting - PART2 (10:33)
Distributed Denial of Service (DDoS) attack (14:38)
Encryption 101 - PART1 (13:56)
Encryption 101 - PART2 (6:42)
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) (11:41)
Hash Functions & Hashing (13:19)
Digital Signatures (9:26)
Domain 4: Identity and Access Management
[ASSOCIATESHARED] IAM Identity Policies (15:51)
[ASSOCIATESHARED] IAM Users and ARNs (13:49)
[ASSOCIATESHARED] IAM Groups (7:48)
[ASSOCIATESHARED] IAM Roles - The Tech (8:13)
[ASSOCIATESHARED] When to use IAM Roles (15:27)
Service-linked Roles and PassRole (5:16)
Security Token Service (STS) (6:53)
[ASSOCIATESHARED] EC2 Instance Roles & Profile (4:18)
[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART1 (12:12)
[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART2 (10:20)
Revoking IAM Role Temporary Security Credentials (9:23)
AWS Organizations (12:56)
[202204UPDATE] [DEMO] AWS Organizations - PART1 (7:00)
[202204UPDATE] [DEMO] AWS Organizations - PART2 (13:55)
Service Control Policies (SCP) (12:43)
[UPDATE202205] [DEMO] Using Service Control Policies (16:45)
IAM Policy Variables (4:58)
Policy Interpretation Deep Dive - Example 1 (10:23)
Policy Interpretation Deep Dive - Example 2 (9:11)
Policy Interpretation Deep Dive - Example 3 (10:59)
AWS Permissions Evaluation (10:25)
[THEORY&WALKTHROUGH] IAM Permissions Boundaries and Delegation (17:28)
External ID … confused deputy (9:07)
Directory Service Deep Dive (Microsoft AD) (10:11)
Directory Service Deep Dive (AD Connector) (7:37)
What is ID Federation? (6:08)
Amazon Cognito - User and Identity Pools (14:44)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART1 (7:26)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART2 (7:16)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART3 (8:14)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART4 (12:29)
[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART5 (2:43)
SAML Federation (this is the old way of doing things, but you need to know the architecture) (12:21)
IAM Identity Center (formally AWS SSO) (9:32)
[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART1 (14:53)
[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART2 (12:23)
[202204UPDATE] [ASSOCIATESHARED] S3 PreSigned URLs (11:11)
[202204UPDATE] [ASSOCIATESHARED] [DEMO] Creating and using PresignedURLs (19:34)
[ASSOCIATESHARED] S3 Security (Resource Policies & ACLs) (18:19)
S3 Object Lock (9:52)
S3 Versioning & MFA (7:41)
[202205UPDATE] [DEMO] Cross Account Access to S3 - SETUP - STAGE1 (4:29)
[202205UPDATE] [DEMO] Cross Account Access to S3 - ACL - STAGE2 (9:39)
[202205UPDATE] [DEMO] Cross Account Access to S3 - BUCKET POLICY - STAGE3 (9:38)
[202205UPDATE] [DEMO] Cross Account Access to S3 - ROLE - STAGE4 (8:17)
EC2 Instance Metadata (15:46)
AWS Control Tower (15:42)
Domain 3: Infrastructure Security
Public and Private AWS Services (7:04)
Custom VPCs (14:39)
[ASSOCIATESHARED] VPC Subnets (10:42)
[ASSOCIATESHARED] [DEMO] Implement multi-tier VPC subnets [UPDATED202202] (20:34)
DHCP in a VPC (7:02)
VPC Router Deep Dive (13:21)
Stateful vs Stateless firewalls (14:25)
Network Access Control lists (NACL) (12:38)
Security Groups (SG) (11:48)
Internet Gateway (IGW) Ipv4 and IPv6 (15:52)
Egress Only Internet gateway (6:46)
Bastion Hosts & Authentication (6:16)
[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART1 (14:09)
[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART2 (11:43)
Port Forwarding (3:33)
Nat Instance (9:41)
Nat Gateway (15:24)
[202207UPDATE] [ASSOCIATESHARED] [DEMO] Implementing private internet access using NAT Gateways (19:27)
IP Sec VPN Fundamentals (14:54)
Virtual Private Gateway Deep Dive (VGW) (8:04)
[REFRESHER] AWS Site-to-Site VPN (18:05)
[DEMO] Simple Site2Site VPN - STAGE0 - SETUP (4:52)
[DEMO] Simple Site2Site VPN - STAGE1 - AWS VPN (10:01)
[DEMO] Simple Site2Site VPN - STAGE2 - onprep pfSense Config (17:09)
[DEMO] Simple Site2Site VPN - STAGE3 - Routing & Security (10:29)
[DEMO] Simple Site2Site VPN - STAGE4 - Testing (5:42)
[DEMO] Simple Site2Site VPN - STAGE5 - Cleanup (1:50)
Client VPN (6:31)
Gateway VPC Endpoints (11:14)
Interface VPC Endpoints (11:25)
[202205UPDATE] [ASSOCIATESHARED] [DEMO] Gateway Endpoint - PART1 (12:31)
[202205UPDATE] [ASSOCIATESHARED] [DEMO] Interface Endpoints - PART2 (17:22)
[202205UPDATE] [ASSOCIATESHARED] [DEMO] Egress-Only Internet Gateway - PART3 (10:24)
Endpoint Policies (12:11)
[202207UPDATE][DEMO] Private S3 Buckets - PART1 - SETUP (8:15)
[202207UPDATE][DEMO] Private S3 Buckets - PART2 (17:02)
Advanced VPC DNS & DNS Endpoints (15:01)
VPC Peering (9:04)
[DEMO] VPC Peering (22:38)
EBS Encryption Architecture (8:22)
[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART1 (16:59)
[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART2 (14:22)
[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART3 (14:29)
EBS Volume Secure wipes (4:12)
S3 Access Points (5:52)
CloudFront - Architecture (14:56)
AWS Certificate Manager (ACM) (11:21)
CloudFront - SSL/TLS & SNI (14:59)
CloudFront - Security - OAI & Custom Origins (8:50)
CloudFront - Georestrictions (9:40)
CloudFront - Private Behaviours, Signed URL & Cookies (7:49)
CloudFront - Field Level Encryption (9:00)
[email protected]
(8:03)
DDOS 101 (14:38)
AWS Shield (9:47)
[202207UPDATE] AWS Network Firewall - 101 (14:18)
Domain 2: Logging and Monitoring
Cloudwatch 101 - PART1 (9:44)
Cloudwatch 101 - PART2 (9:19)
CloudWatch Logs Architecture (13:44)
CloudWatch Events and EventBridge (6:54)
S3 Events (4:32)
[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART1 (18:03)
[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART2 (17:43)
SNS Architecture (7:49)
AWS Security Hub (5:02)
Amazon Inspector (6:28)
AWS Trusted Advisor (8:54)
AWS Config (6:13)
VPC Flow Logs (9:56)
Application Layer (7) Firewalls (7:44)
Web Application Firewall (WAF), WEBACLs, Rule Groups and Rules (19:18)
[202205UPDATE] [ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART1 (12:25)
[202205UPDATE] [ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART2 (9:07)
CloudTrail Architecture (11:40)
[202205UPDATE] [UPDATED][DEMO] Implementing an Organizational Trail (18:26)
CloudTrail log file integrity validation (6:28)
AWS Athena 101 (8:19)
[DEMO] Athena Demo - PART1 (13:31)
[DEMO] Athena Demo - PART2 (11:37)
Amazon Macie 101 (12:04)
AWS Glue 101 (6:23)
AWS Artifact (1:47)
Domain 5: Data Protection
What is a hardware security Module (HSM) (6:40)
AWS Key Management Service (KMS) 101 (18:38)
CloudHSM (14:36)
S3 Object Encryption - PART1 (10:09)
S3 Object Encryption - PART2 (11:31)
[202207UPDATE] [SHAREDALL] [DEMO] Object Encryption and Role Separation (17:07)
Envelope Encryption (8:06)
Bucket Keys (5:59)
AWS Managed Keys vs Customer managed Keys (6:45)
[202207UPDATE] [SHAREDALL] [DEMO] KMS - Encrypting the battleplans with KMS (12:43)
Importing Key Material vs Generated Key Material (7:37)
Asymmetric keys in KMS (3:25)
Digital Signing using KMS (4:16)
Encryption SDK - Data Key Caching (6:27)
KMS security Model & Key Policies (5:51)
KMS Grants (7:16)
KMS Multi-region keys (5:29)
CloudHSM vs KMS (3:22)
KMS Custom Key Stores (4:49)
AWS Secrets Manager 101 (7:44)
RDS Encryption & IAM Authentication (7:03)
DynamoDB Encryption (5:21)
KMS encryption context (8:13)
[SHAREDALL] Elastic Load Balancer Architecture - PART1 (10:18)
Elastic Load Balancer Architecture (ELB) - PART2 (12:32)
[SHAREDALL] Application Load balancing (ALB) vs Network Load Balancing (NLB) (16:20)
ELB : SSL Offload and Session Stickiness (12:11)
Load Balancer Security Policies (3:28)
Domain 1: Incident Response
AWS Abuse Notice, UAP & Penetration Testing (7:18)
AWS Guardduty 101 (4:14)
Amazon Detective (3:12)
EXAM PREP
General AWS Exam Technique - 3 Phase Approach (8:56)
[SHAREDALL] General AWS Question Technique - PART1 (14:12)
General AWS Question Technique - PART2 (9:01)
Exam Question Walkthrough #1 (8:16)
Exam Question Walkthrough #2 (4:53)
Practice Exam #1 - PART1 (1-20)
Practice Exam #1 - PART2 (21-40)
Practice Exam #1 - PART3 (41-60)
FINISHING UP
Thanks and a Favour (3:15)
SAML Federation (this is the old way of doing things, but you need to know the architecture)
Lecture content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock