CF

AWS Certified Security - Specialty

39h 15m 45s
English
Free

AWS Certified Security - Specialty is a 224-lesson 39 hours 15 minutes self-paced course by Adrian Cantrill. Pass the AWS Security – Specialty exam (SCS-C01).

Course facts

Lessons
224
Duration
39 hours 15 minutes
Level
All levels
Language
English
Updated
2024-02-29
Instructor
Adrian Cantrill
Price
Free

Pass the AWS Security – Specialty exam (SCS-C01).  EARLY ACCESS - NOT FINISHED. PRODUCTION COMMENCED IN APRIL 2022 - ETA 2-3 MONTHS

Additional

This Course Repo URL : https://github.com/acantril/aws-security-specialty

Roadmap : https://www.notion.so/96fc88a739dc45a59174f1acd8a96776?v=604d7bc7ed9744e1982ef257273d44f9  

Who teaches AWS Certified Security - Specialty? Adrian Cantrill

Adrian Cantrill thumbnail

Adrian Cantrill is a UK-based cloud architect and one of the most authoritative independent voices on AWS certification preparation. His paid course catalog at learn.cantrill.io anchors the certification-prep paths for engineers studying for the AWS Solutions Architect, SysOps, Developer, DevOps Engineer, Security, and other associate / professional / specialty certifications.

The teaching style is unusually rigorous for the AWS-cert market: rather than memorising the exam questions, Adrian's courses build the underlying mental model of how AWS services actually work — networking primitives, IAM, the storage stack, the compute and container layers — at a level deep enough that the certification exam falls out as a side-effect of real understanding. The courses include extensive hands-on labs against real AWS accounts.

The CourseFlix listing under this source carries over 10 Adrian Cantrill courses spanning the major AWS certification paths. Material is paid; Cantrill courses are sold individually on the original platform. Courses are aimed at engineers preparing for AWS certifications or otherwise building deep working knowledge of the AWS platform.

What lessons are included in AWS Certified Security - Specialty?

  • Space or K: play or pause
  • J: rewind 10 seconds
  • L: forward 10 seconds
  • Left Arrow: rewind 5 seconds
  • Right Arrow: forward 5 seconds
  • Up Arrow: volume up
  • Down Arrow: volume down
  • M: mute or unmute
  • F: toggle fullscreen
  • T: toggle theater mode
  • I: toggle mini player
  • 0 to 9: seek to 0 to 90 percent of the video
  • Shift plus N: next video
  • Shift plus P: previous video
0:00 0:00
#Lesson TitleDuration
1Public Introduction 06:01
2Finding and Using the Course Resources 14:32
3Site tools and features 09:18
4Scenario - Animals4life 13:29
5AWS Accounts - The Basics 11:34
6[Updated 202204] [DEMO] Creating an AWS Account 20:18
7Multi-factor Authentication (MFA) 08:26
8[Updated 202204] [DEMO] Securing An AWS Account 09:51
9[Updated 202204] [DEMO] Creating a Budget 07:15
10[DOITYOURSELF] Creating the Production Account 05:00
11Identity and Access Management (IAM) Basics 13:02
12[Updated 202204] Adding an IAM Admin - GENERAL ACCOUNT 12:38
13[Updated 202204] Adding an IAM Admin User - PRODUCTION ACCOUNT 07:35
14IAM Access Keys 07:11
15[DEMO] Creating Access keys and setting up AWS CLI v2 tools [UI UPDATE NEEDED] 17:25
16YAML101 - YAML AINT MARKUP LANGUAGE 09:56
17JSON101 - JavaScript Object Notation 07:33
18Network Starter Pack - 0 - INTRO 05:01
19Network Starter Pack - 1 - PHYSICAL 10:01
20Network Starter Pack - 2 - Data Link - Part 1 08:48
21Network Starter Pack - 2 - Data Link - Part 2 14:25
22Decimal to Binary Conversion (IP Addressing) 17:20
23Network Starter Pack - 3 - Network - Part 1 12:07
24Network Starter Pack - 3 - Network - Part 2 19:14
25Network Starter Pack - 3 - Network - Part 3 15:22
26Network Starter Pack - 4&5 - Transport/Session - Part 1 15:40
27Network Starter Pack - 4&5 - Transport/Session - Part 2 14:17
28Network Starter Pack - EXTRA - Network Address Translation - PART1 11:01
29Network Starter Pack - EXTRA - Network Address Translation - PART2 09:39
30Network Starter Pack - EXTRA - Subnetting - PART1 14:37
31Network Starter Pack - EXTRA - Subnetting - PART2 10:34
32Distributed Denial of Service (DDoS) attack 14:39
33Encryption 101 - PART1 13:57
34Encryption 101 - PART2 06:43
35Secure Sockets Layer (SSL) and Transport Layer Security (TLS) 11:42
36Hash Functions & Hashing 13:20
37Digital Signatures 09:27
38[ASSOCIATESHARED] IAM Identity Policies 15:53
39[ASSOCIATESHARED] IAM Users and ARNs 13:50
40[ASSOCIATESHARED] IAM Groups 07:49
41[ASSOCIATESHARED] IAM Roles - The Tech 08:14
42[ASSOCIATESHARED] When to use IAM Roles 15:28
43Service-linked Roles and PassRole 05:17
44Security Token Service (STS) 06:54
45[ASSOCIATESHARED] EC2 Instance Roles & Profile 04:19
46Revoking IAM Role Temporary Security Credentials 09:24
47[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART1 12:13
48[202205UPDATE] [DEMO] Revoking Temporary Credentials - PART2 10:21
49AWS Organizations 12:57
50[202204UPDATE] [DEMO] AWS Organizations - PART1 07:01
51[202204UPDATE] [DEMO] AWS Organizations - PART2 13:56
52Service Control Policies (SCP) 12:44
53[UPDATE202205] [DEMO] Using Service Control Policies 16:46
54IAM Policy Variables 04:59
55Policy Interpretation Deep Dive - Example 1 10:24
56Policy Interpretation Deep Dive - Example 2 09:13
57Policy Interpretation Deep Dive - Example 3 11:00
58AWS Permissions Evaluation 10:26
59[THEORY&WALKTHROUGH] IAM Permissions Boundaries and Delegation 17:29
60External ID … confused deputy 09:08
61Directory Service Deep Dive (Microsoft AD) 10:12
62Directory Service Deep Dive (AD Connector) 07:38
63What is ID Federation? 06:09
64Amazon Cognito - User and Identity Pools 14:45
65[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART1 07:27
66[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART2 07:17
67[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART3 08:15
68[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART4 12:30
69[202205UPDATE] [AdvancedDemo] Implementing a simple WEBIDF App - PART5 02:44
70SAML Federation (this is the old way of doing things, but you need to know the architecture) 12:22
71IAM Identity Center (formally AWS SSO) 09:34
72[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART1 14:54
73[202205UPDATE] [DEMO] Adding Single Sign-on to the Animals4life ORG - PART2 12:24
74[202204UPDATE] [ASSOCIATESHARED] S3 PreSigned URLs 11:12
75[202204UPDATE] [ASSOCIATESHARED] [DEMO] Creating and using PresignedURLs 19:36
76[ASSOCIATESHARED] S3 Security (Resource Policies & ACLs) 18:20
77S3 Object Lock 09:53
78S3 Versioning & MFA 07:42
79[202205UPDATE] [DEMO] Cross Account Access to S3 - SETUP - STAGE1 04:30
80[202205UPDATE] [DEMO] Cross Account Access to S3 - ACL - STAGE2 09:40
81[202205UPDATE] [DEMO] Cross Account Access to S3 - BUCKET POLICY - STAGE3 09:39
82[202205UPDATE] [DEMO] Cross Account Access to S3 - ROLE - STAGE4 08:18
83EC2 Instance Metadata 15:47
84AWS Control Tower 15:43
85Public and Private AWS Services 07:05
86Custom VPCs 14:40
87[ASSOCIATESHARED] VPC Subnets 10:43
88[ASSOCIATESHARED] [DEMO] Implement multi-tier VPC subnets [UPDATED202202] 20:35
89DHCP in a VPC 07:03
90VPC Router Deep Dive 13:22
91Stateful vs Stateless firewalls 14:26
92Network Access Control lists (NACL) 12:39
93Security Groups (SG) 11:49
94Internet Gateway (IGW) Ipv4 and IPv6 15:53
95Egress Only Internet gateway 06:47
96Bastion Hosts & Authentication 06:17
97[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART1 14:10
98[202206UPDATE] [ASSOCIATESHARED] [DEMO] Configuring A4l public subnets and Jumpbox - PART2 11:44
99Port Forwarding 03:34
100Nat Instance 09:42
101Nat Gateway 15:25
102[202207UPDATE] [ASSOCIATESHARED] [DEMO] Implementing private internet access using NAT Gateways 19:28
103IP Sec VPN Fundamentals 14:55
104Virtual Private Gateway Deep Dive (VGW) 08:05
105[REFRESHER] AWS Site-to-Site VPN 18:06
106[DEMO] Simple Site2Site VPN - STAGE0 - SETUP 04:53
107[DEMO] Simple Site2Site VPN - STAGE1 - AWS VPN 10:02
108[DEMO] Simple Site2Site VPN - STAGE2 - onprep pfSense Config 17:10
109[DEMO] Simple Site2Site VPN - STAGE3 - Routing & Security 10:30
110[DEMO] Simple Site2Site VPN - STAGE4 - Testing 05:43
111[DEMO] Simple Site2Site VPN - STAGE5 - Cleanup 01:51
112Client VPN 06:32
113Gateway VPC Endpoints 11:15
114Interface VPC Endpoints 11:26
115[202205UPDATE] [ASSOCIATESHARED] [DEMO] Gateway Endpoint - PART1 12:32
116[202205UPDATE] [ASSOCIATESHARED] [DEMO] Interface Endpoints - PART2 17:23
117[202205UPDATE] [ASSOCIATESHARED] [DEMO] Egress-Only Internet Gateway - PART3 10:25
118Endpoint Policies 12:12
119[202207UPDATE][DEMO] Private S3 Buckets - PART1 - SETUP 08:16
120[202207UPDATE][DEMO] Private S3 Buckets - PART2 17:03
121Advanced VPC DNS & DNS Endpoints 15:02
122VPC Peering 09:05
123[DEMO] VPC Peering 22:39
124EBS Encryption Architecture 08:23
125[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART1 17:00
126[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART2 14:23
127[202206UPDATE] [ASSOCIATESHARED] [DEMO] EBS Volumes - PART3 14:30
128EBS Volume Secure wipes 04:13
129S3 Access Points 05:53
130CloudFront - Architecture 14:57
131AWS Certificate Manager (ACM) 11:22
132CloudFront - SSL/TLS & SNI 15:00
133CloudFront - Security - OAI & Custom Origins 08:51
134CloudFront - Georestrictions 09:41
135CloudFront - Private Behaviours, Signed URL & Cookies 07:50
136CloudFront - Field Level Encryption 09:01
137Lambda@edge 08:04
138DDOS 101 14:39
139AWS Shield 09:48
140[202207UPDATE] AWS Network Firewall - 101 14:19
141Cloudwatch 101 - PART1 09:45
142Cloudwatch 101 - PART2 09:20
143CloudWatch Logs Architecture 13:45
144CloudWatch Events and EventBridge 06:55
145S3 Events 04:33
146[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART1 18:04
147[202207UPDATE] [DEMO] S3 Events + Lambda (Pixelator) - PART2 17:44
148SNS Architecture 07:50
149AWS Security Hub 05:03
150Amazon Inspector 06:29
151AWS Trusted Advisor 08:55
152AWS Config 06:15
153VPC Flow Logs 09:57
154Application Layer (7) Firewalls 07:45
155Web Application Firewall (WAF), WEBACLs, Rule Groups and Rules 19:18
156[202205UPDATE] [ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART1 12:26
157[202205UPDATE] [ASSOCIATESHARED] [DEMO] Logging and Metrics with CW Agent-PART2 09:08
158CloudTrail Architecture 11:41
159[202205UPDATE] [UPDATED][DEMO] Implementing an Organizational Trail 18:27
160CloudTrail log file integrity validation 06:29
161AWS Athena 101 08:20
162[DEMO] Athena Demo - PART1 13:32
163[DEMO] Athena Demo - PART2 11:38
164Amazon Macie 101 12:05
165AWS Glue 101 06:24
166AWS Artifact 01:48
167What is a hardware security Module (HSM) 06:41
168AWS Key Management Service (KMS) 101 18:39
169CloudHSM 14:37
170S3 Object Encryption - PART1 10:10
171S3 Object Encryption - PART2 11:32
172[202207UPDATE] [SHAREDALL] [DEMO] Object Encryption and Role Separation 17:08
173Envelope Encryption 08:07
174Bucket Keys 06:00
175AWS Managed Keys vs Customer managed Keys 06:46
176[202207UPDATE] [SHAREDALL] [DEMO] KMS - Encrypting the battleplans with KMS 12:44
177Importing Key Material vs Generated Key Material 07:38
178Asymmetric keys in KMS 03:26
179Digital Signing using KMS 04:17
180Encryption SDK - Data Key Caching 06:28
181KMS security Model & Key Policies 05:52
182KMS Grants 07:17
183KMS Multi-region keys 05:30
184CloudHSM vs KMS 03:23
185KMS Custom Key Stores 04:50
186AWS Secrets Manager 101 07:45
187RDS Encryption & IAM Authentication 07:04
188DynamoDB Encryption 05:22
189KMS encryption context 08:14
190[SHAREDALL] Elastic Load Balancer Architecture - PART1 10:19
191Elastic Load Balancer Architecture (ELB) - PART2 12:33
192[SHAREDALL] Application Load balancing (ALB) vs Network Load Balancing (NLB) 16:21
193ELB : SSL Offload and Session Stickiness 12:12
194Load Balancer Security Policies 03:29
195AWS Abuse Notice, UAP & Penetration Testing 07:19
196AWS Guardduty 101 04:15
197Amazon Detective 03:13
198General AWS Exam Technique - 3 Phase Approach 08:57
199[SHAREDALL] General AWS Question Technique - PART1 14:13
200General AWS Question Technique - PART2 09:02
201Exam Question Walkthrough #1 08:17
202Exam Question Walkthrough #2 04:54
203Thanks and a Favour 03:16
204[update ch 28.07.23]AWS Service Catalog 07:08
205[update ch 28.07.23]AWS Resource Access Manager (RAM) 14:44
206[update ch 28.07.23]Trusted Advisor 08:55
207[update ch 28.07.23]CloudFormation Physical & Logical Resources 07:31
208[update ch 28.07.23]CloudFormation Template and Pseudo Parameters 06:54
209[update ch 28.07.23]CloudFormation Intrinsic Functions 14:29
210[update ch 28.07.23]CloudFormation Mappings 04:31
211[update ch 28.07.23]CloudFormation Outputs 03:38
212[update ch 28.07.23]CloudFormation Conditions 07:25
213[update ch 28.07.23]CloudFormation DependsOn 07:15
214[update ch 28.07.23]CloudFormation Wait Conditions & cfn-signal 11:53
215[update ch 28.07.23]CloudFormation Nested Stacks 13:56
216[update ch 28.07.23]CloudFormation Cross-Stack References 10:06
217[update ch 28.07.23]CloudFormation Deletion Policy 05:25
218[update ch 28.07.23]CloudFormation Stack Roles 06:48
219[update ch 28.07.23]CloudFormation ChangeSets 11:04
220[update ch 28.07.23]CloudFormation Custom Resources 11:03
221[update ch 28.07.23][SHAREDALL] [DEMO] Custom VPCs - PART2 - DEMO 05:41
222[update ch 28.07.23]Implementing DNSSEC using Route53 17:44
223[update ch 28.07.23][DEMO] Amazon Macie 15:36
224[update ch 28.07.23][SHAREDALL] [DEMO] Seeing Session Stickiness in Action 12:58

What courses are similar to AWS Certified Security - Specialty?

More courses by Adrian Cantrill

Frequently asked questions

What are the prerequisites for this course?
This course does not list specific prerequisites, but familiarity with AWS services and basic networking concepts will be beneficial. The course covers foundational topics like Identity and Access Management (IAM), network basics, and AWS account security, which suggests that some prior exposure to AWS infrastructure and security concepts could enhance your learning experience.
What kind of projects or scenarios will I work on during the course?
The course includes a scenario called 'Animals4life', which is designed to help you apply security concepts in a practical setting. Lessons also involve hands-on demonstrations like securing an AWS account, creating budgets, and using IAM roles and policies, providing a practical approach to learning AWS security.
Who is the target audience for this course?
The course is aimed at IT professionals seeking to pass the AWS Certified Security - Specialty exam (SCS-C01). It is suitable for individuals who want to deepen their knowledge of AWS security practices, particularly those who have some experience with AWS and are looking to specialize in security.
How does the depth of this course compare to other AWS security courses?
With 224 lessons covering topics from basic IAM configuration to advanced policy interpretation and security token services, this course offers a detailed exploration of AWS security. It includes both theoretical concepts and practical demonstrations, making it more comprehensive than introductory courses but specifically tailored to the AWS Certified Security - Specialty exam requirements.
What specific tools or platforms will I learn to use in this course?
The course covers a variety of AWS security tools, including Identity and Access Management (IAM), AWS CLI v2, and AWS Organizations. It also delves into network security concepts like subnetting and DDoS protection, ensuring you gain practical skills in managing AWS security.
What topics are not covered in this course?
The course is focused specifically on AWS security and does not cover general programming or non-AWS cloud platforms. It also does not delve into non-security-related AWS services in detail, as the primary goal is to prepare students for the AWS Certified Security - Specialty exam.
How can the knowledge from this course be applied to other areas in IT or future learning?
The skills gained in this course are directly applicable to roles involving AWS security management and can enhance your understanding of cloud security principles. The course's emphasis on IAM, network security, and encryption provides a solid foundation for further specialization in cloud security or related certifications, such as AWS Certified Solutions Architect or AWS Certified DevOps Engineer.