CF

AWS Certified Security - Specialty

39h 15m 45s
English
Free

Pass the AWS Security – Specialty exam (SCS-C01).  EARLY ACCESS - NOT FINISHED. PRODUCTION COMMENCED IN APRIL 2022 - ETA 2-3 MONTHS

Additional

This Course Repo URL : https://github.com/acantril/aws-security-specialty

Roadmap : https://www.notion.so/96fc88a739dc45a59174f1acd8a96776?v=604d7bc7ed9744e1982ef257273d44f9  

About the Author: Adrian Cantrill

Adrian Cantrill thumbnail

Adrian Cantrill is a UK-based cloud architect and one of the most authoritative independent voices on AWS certification preparation. His paid course catalog at learn.cantrill.io anchors the certification-prep paths for engineers studying for the AWS Solutions Architect, SysOps, Developer, DevOps Engineer, Security, and other associate / professional / specialty certifications.

The teaching style is unusually rigorous for the AWS-cert market: rather than memorising the exam questions, Adrian's courses build the underlying mental model of how AWS services actually work — networking primitives, IAM, the storage stack, the compute and container layers — at a level deep enough that the certification exam falls out as a side-effect of real understanding. The courses include extensive hands-on labs against real AWS accounts.

The CourseFlix listing under this source carries over 10 Adrian Cantrill courses spanning the major AWS certification paths. Material is paid; Cantrill courses are sold individually on the original platform. Courses are aimed at engineers preparing for AWS certifications or otherwise building deep working knowledge of the AWS platform.

Watch Online 224 lessons

  • Space or K: play or pause
  • J: rewind 10 seconds
  • L: forward 10 seconds
  • Left Arrow: rewind 5 seconds
  • Right Arrow: forward 5 seconds
  • Up Arrow: volume up
  • Down Arrow: volume down
  • M: mute or unmute
  • F: toggle fullscreen
  • T: toggle theater mode
  • I: toggle mini player
  • 0 to 9: seek to 0 to 90 percent of the video
  • Shift plus N: next video
  • Shift plus P: previous video
0:00 0:00
#Lesson TitleDuration
1Public Introduction 06:01
2Finding and Using the Course Resources 14:32
3Site tools and features 09:18
4Scenario - Animals4life 13:29
5AWS Accounts - The Basics 11:34
6[Updated 202204] [DEMO] Creating an AWS Account 20:18
7Multi-factor Authentication (MFA) 08:26
8[Updated 202204] [DEMO] Securing An AWS Account 09:51
9[Updated 202204] [DEMO] Creating a Budget 07:15
10[DOITYOURSELF] Creating the Production Account 05:00
11Identity and Access Management (IAM) Basics 13:02
12[Updated 202204] Adding an IAM Admin - GENERAL ACCOUNT 12:38
13[Updated 202204] Adding an IAM Admin User - PRODUCTION ACCOUNT 07:35
14IAM Access Keys 07:11
15[DEMO] Creating Access keys and setting up AWS CLI v2 tools [UI UPDATE NEEDED] 17:25
16YAML101 - YAML AINT MARKUP LANGUAGE 09:56
17JSON101 - JavaScript Object Notation 07:33
18Network Starter Pack - 0 - INTRO 05:01
19Network Starter Pack - 1 - PHYSICAL 10:01
20Network Starter Pack - 2 - Data Link - Part 1 08:48
21Network Starter Pack - 2 - Data Link - Part 2 14:25
22Decimal to Binary Conversion (IP Addressing) 17:20
23Network Starter Pack - 3 - Network - Part 1 12:07
24Network Starter Pack - 3 - Network - Part 2 19:14
25Network Starter Pack - 3 - Network - Part 3 15:22
26Network Starter Pack - 4&5 - Transport/Session - Part 1 15:40
27Network Starter Pack - 4&5 - Transport/Session - Part 2 14:17
28Network Starter Pack - EXTRA - Network Address Translation - PART1 11:01
29Network Starter Pack - EXTRA - Network Address Translation - PART2 09:39
30Network Starter Pack - EXTRA - Subnetting - PART1 14:37
31Network Starter Pack - EXTRA - Subnetting - PART2 10:34
32Distributed Denial of Service (DDoS) attack 14:39
33Encryption 101 - PART1 13:57
34Encryption 101 - PART2 06:43
35Secure Sockets Layer (SSL) and Transport Layer Security (TLS) 11:42
36Hash Functions & Hashing 13:20
37Digital Signatures 09:27
38[ASSOCIATESHARED] IAM Identity Policies 15:53
39[ASSOCIATESHARED] IAM Users and ARNs 13:50
40[ASSOCIATESHARED] IAM Groups 07:49
41[ASSOCIATESHARED] IAM Roles - The Tech 08:14
42[ASSOCIATESHARED] When to use IAM Roles 15:28
43Service-linked Roles and PassRole 05:17
44Security Token Service (STS) 06:54
45[ASSOCIATESHARED] EC2 Instance Roles & Profile 04:19
46Revoking IAM Role Temporary Security Credentials 09:24
47[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART1 12:13
48[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART2 10:21
49AWS Organizations 12:57
50[202204UPDATE] [DEMO] AWS Organizations - PART1 07:01
51[202204UPDATE] [DEMO] AWS Organizations - PART2 13:56
52Service Control Policies (SCP) 12:44
53[UPDATE202205] [DEMO] Using Service Control Policies 16:46
54IAM Policy Variables 04:59
55Policy Interpretation Deep Dive - Example 1 10:24
56Policy Interpretation Deep Dive - Example 2 09:13
57Policy Interpretation Deep Dive - Example 3 11:00
58AWS Permissions Evaluation 10:26
59[THEORY&WALKTHROUGH] IAM Permissions Boundaries and Delegation 17:29
60External ID … confused deputy 09:08
61Directory Service Deep Dive (Microsoft AD) 10:12
62Directory Service Deep Dive (AD Connector) 07:38
63What is ID Federation? 06:09
64Amazon Cognito - User and Identity Pools 14:45
65[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART1 07:27
66[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART2 07:17
67[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART3 08:15
68[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART4 12:30
69[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART5 02:44
70SAML Federation (this is the old way of doing things, but you need to know the architecture) 12:22
71IAM Identity Center (formally AWS SSO) 09:34
72[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART1 14:54
73[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART2 12:24
74[202204UPDATE] [ASSOCIATESHARED] S3 PreSigned URLs 11:12
75[202204UPDATE] [ASSOCIATESHARED] [DEMO] Creating and using PresignedURLs 19:36
76[ASSOCIATESHARED] S3 Security (Resource Policies & ACLs) 18:20
77S3 Object Lock 09:53
78S3 Versioning & MFA 07:42
79[202205UPDATE] [DEMO] Cross Account Access to S3 - SETUP - STAGE1 04:30
80[202205UPDATE] [DEMO] Cross Account Access to S3 - ACL - STAGE2 09:40
81[202205UPDATE] [DEMO] Cross Account Access to S3 - BUCKET POLICY - STAGE3 09:39
82[202205UPDATE] [DEMO] Cross Account Access to S3 - ROLE - STAGE4 08:18
83EC2 Instance Metadata 15:47
84AWS Control Tower 15:43
85Public and Private AWS Services 07:05
86Custom VPCs 14:40
87[ASSOCIATESHARED] VPC Subnets 10:43
88[ASSOCIATESHARED] [DEMO] Implement multi-tier VPC subnets [UPDATED202202] 20:35
89DHCP in a VPC 07:03
90VPC Router Deep Dive 13:22
91Stateful vs Stateless firewalls 14:26
92Network Access Control lists (NACL) 12:39
93Security Groups (SG) 11:49
94Internet Gateway (IGW) Ipv4 and IPv6 15:53
95Egress Only Internet gateway 06:47
96Bastion Hosts & Authentication 06:17
97[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART1 14:10
98[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART2 11:44
99Port Forwarding 03:34
100Nat Instance 09:42
101Nat Gateway 15:25
102[202207UPDATE] [ASSOCIATESHARED] [DEMO] Implementing private internet access using NAT Gateways 19:28
103IP Sec VPN Fundamentals 14:55
104Virtual Private Gateway Deep Dive (VGW) 08:05
105[REFRESHER] AWS Site-to-Site VPN 18:06
106[DEMO] Simple Site2Site VPN - STAGE0 - SETUP 04:53
107[DEMO] Simple Site2Site VPN - STAGE1 - AWS VPN 10:02
108[DEMO] Simple Site2Site VPN - STAGE2 - onprep pfSense Config 17:10
109[DEMO] Simple Site2Site VPN - STAGE3 - Routing & Security 10:30
110[DEMO] Simple Site2Site VPN - STAGE4 - Testing 05:43
111[DEMO] Simple Site2Site VPN - STAGE5 - Cleanup 01:51
112Client VPN 06:32
113Gateway VPC Endpoints 11:15
114Interface VPC Endpoints 11:26
115[202205UPDATE] [ASSOCIATESHARED] [DEMO] Gateway Endpoint - PART1 12:32
116[202205UPDATE] [ASSOCIATESHARED] [DEMO] Interface Endpoints - PART2 17:23
117[202205UPDATE] [ASSOCIATESHARED] [DEMO] Egress-Only Internet Gateway - PART3 10:25
118Endpoint Policies 12:12
119[202207UPDATE][DEMO] Private S3 Buckets - PART1 - SETUP 08:16
120[202207UPDATE][DEMO] Private S3 Buckets - PART2 17:03
121Advanced VPC DNS & DNS Endpoints 15:02
122VPC Peering 09:05
123[DEMO] VPC Peering 22:39
124EBS Encryption Architecture 08:23
125[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART1 17:00
126[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART2 14:23
127[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART3 14:30
128EBS Volume Secure wipes 04:13
129S3 Access Points 05:53
130CloudFront - Architecture 14:57
131AWS Certificate Manager (ACM) 11:22
132CloudFront - SSL/TLS & SNI 15:00
133CloudFront - Security - OAI & Custom Origins 08:51
134CloudFront - Georestrictions 09:41
135CloudFront - Private Behaviours, Signed URL & Cookies 07:50
136CloudFront - Field Level Encryption 09:01
137Lambda@edge 08:04
138DDOS 101 14:39
139AWS Shield 09:48
140[202207UPDATE] AWS Network Firewall - 101 14:19
141Cloudwatch 101 - PART1 09:45
142Cloudwatch 101 - PART2 09:20
143CloudWatch Logs Architecture 13:45
144CloudWatch Events and EventBridge 06:55
145S3 Events 04:33
146[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART1 18:04
147[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART2 17:44
148SNS Architecture 07:50
149AWS Security Hub 05:03
150Amazon Inspector 06:29
151AWS Trusted Advisor 08:55
152AWS Config 06:15
153VPC Flow Logs 09:57
154Application Layer (7) Firewalls 07:45
155Web Application Firewall (WAF), WEBACLs, Rule Groups and Rules 19:18
156[202205UPDATE] [ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART1 12:26
157[202205UPDATE] [ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART2 09:08
158CloudTrail Architecture 11:41
159[202205UPDATE] [UPDATED][DEMO] Implementing an Organizational Trail 18:27
160CloudTrail log file integrity validation 06:29
161AWS Athena 101 08:20
162[DEMO] Athena Demo - PART1 13:32
163[DEMO] Athena Demo - PART2 11:38
164Amazon Macie 101 12:05
165AWS Glue 101 06:24
166AWS Artifact 01:48
167What is a hardware security Module (HSM) 06:41
168AWS Key Management Service (KMS) 101 18:39
169CloudHSM 14:37
170S3 Object Encryption - PART1 10:10
171S3 Object Encryption - PART2 11:32
172[202207UPDATE] [SHAREDALL] [DEMO] Object Encryption and Role Separation 17:08
173Envelope Encryption 08:07
174Bucket Keys 06:00
175AWS Managed Keys vs Customer managed Keys 06:46
176[202207UPDATE] [SHAREDALL] [DEMO] KMS - Encrypting the battleplans with KMS 12:44
177Importing Key Material vs Generated Key Material 07:38
178Asymmetric keys in KMS 03:26
179Digital Signing using KMS 04:17
180Encryption SDK - Data Key Caching 06:28
181KMS security Model & Key Policies 05:52
182KMS Grants 07:17
183KMS Multi-region keys 05:30
184CloudHSM vs KMS 03:23
185KMS Custom Key Stores 04:50
186AWS Secrets Manager 101 07:45
187RDS Encryption & IAM Authentication 07:04
188DynamoDB Encryption 05:22
189KMS encryption context 08:14
190[SHAREDALL] Elastic Load Balancer Architecture - PART1 10:19
191Elastic Load Balancer Architecture (ELB) - PART2 12:33
192[SHAREDALL] Application Load balancing (ALB) vs Network Load Balancing (NLB) 16:21
193ELB : SSL Offload and Session Stickiness 12:12
194Load Balancer Security Policies 03:29
195AWS Abuse Notice, UAP & Penetration Testing 07:19
196AWS Guardduty 101 04:15
197Amazon Detective 03:13
198General AWS Exam Technique - 3 Phase Approach 08:57
199[SHAREDALL] General AWS Question Technique - PART1 14:13
200General AWS Question Technique - PART2 09:02
201Exam Question Walkthrough #1 08:17
202Exam Question Walkthrough #2 04:54
203Thanks and a Favour 03:16
204[update ch 28.07.23]AWS Service Catalog 07:08
205[update ch 28.07.23]AWS Resource Access Manager (RAM) 14:44
206[update ch 28.07.23]Trusted Advisor 08:55
207[update ch 28.07.23]CloudFormation Physical & Logical Resources 07:31
208[update ch 28.07.23]CloudFormation Template and Pseudo Parameters 06:54
209[update ch 28.07.23]CloudFormation Intrinsic Functions 14:29
210[update ch 28.07.23]CloudFormation Mappings 04:31
211[update ch 28.07.23]CloudFormation Outputs 03:38
212[update ch 28.07.23]CloudFormation Conditions 07:25
213[update ch 28.07.23]CloudFormation DependsOn 07:15
214[update ch 28.07.23]CloudFormation Wait Conditions & cfn-signal 11:53
215[update ch 28.07.23]CloudFormation Nested Stacks 13:56
216[update ch 28.07.23]CloudFormation Cross-Stack References 10:06
217[update ch 28.07.23]CloudFormation Deletion Policy 05:25
218[update ch 28.07.23]CloudFormation Stack Roles 06:48
219[update ch 28.07.23]CloudFormation ChangeSets 11:04
220[update ch 28.07.23]CloudFormation Custom Resources 11:03
221[update ch 28.07.23][SHAREDALL] [DEMO] Custom VPCs - PART2 - DEMO 05:41
222[update ch 28.07.23]Implementing DNSSEC using Route53 17:44
223[update ch 28.07.23][DEMO] Amazon Macie 15:36
224[update ch 28.07.23][SHAREDALL] [DEMO] Seeing Session Stickiness in Action 12:58

Related courses

Frequently asked questions

What is AWS Certified Security - Specialty about?
Pass the AWS Security – Specialty exam (SCS-C01). EARLY ACCESS - NOT FINISHED. PRODUCTION COMMENCED IN APRIL 2022 - ETA 2-3 MONTHS
Who teaches this course?
It is taught by Adrian Cantrill. You can find more courses by this instructor on the corresponding source page.
How long is the course?
It contains 224 lessons with a total runtime of 39 hours 15 minutes. Every lesson is available to watch online at your own pace.
Is it free to watch?
Yes — this is a free online course on CourseFlix. You can watch every lesson without a paid subscription.
Where can I watch it online?
The course is available to watch online on CourseFlix at https://courseflix.net/course/aws-certified-security-specialty. The page hosts every lesson with the integrated video player; no download is required.