Designed specifically for students looking to gain a deep understanding of AWS security services, including the many different security mechanisms and techniques that AWS offers to secure your infrastructure and data from both internal and external threats and exposures. The AWS Certified Security – Specialty certification allows you to demonstrate and validate your AWS knowledge across security topics such as data protection and encryption, infrastructure security, incident response, identity and access management, monitoring and logging. With a blend of instructional courses, hands on labs, quizzes and a preparation exam, this Learning Path helps you prepare and master the AWS Certified Security – Specialty exam.
Domain 1: Incident Response
1.1 Given an AWS abuse notice, evaluate the suspected compromised instance or exposed access keys.
1.2 Verify that the Incident Response plan includes relevant AWS services.
1.3 Evaluate the configuration of automated alerting, andexecute possible remediation of security-related incidents and emerging issues.
Domain 2: Logging and Monitoring
2.1 Design and implement security monitoring andalerting.
2.2 Troubleshoot security monitoring and alerting.
2.3 Design and implement a logging solution.
2.4 Troubleshoot logging solutions.
Domain 3: Infrastructure Security
3.1 Design edge security on AWS.
3.2 Design and implement a secure network Infrastructure.
3.3 Troubleshoot a secure network infrastructure.
3.4 Design and implement host-based security.
Domain 4: Identity and Access Management
4.1 Design and implement a scalable authorization and authentication system to access AWS resources.
4.2 Troubleshoot an authorization and authenticationsystem to access AWS resources.
Domain 5: Data Protection
5.1 Design and implement key management and use.
5.2 Troubleshoot key management.
5.3 Design and implement a data encryption solution for data at rest and data in transit.