AWS Certified Security - Specialty Training Course

  • Designed for results
  • World-class experts
  • Flexible online learning

Overview

With this video-based, online, certification training course, you’ll master the skills needed to pass the AWS Security Specialty exam to earn one of the most sought-after certifications in the technology sector. This course allows you to learn at your own pace, with 5+ hours of expert-led video lessons that will walk you through demonstrations, exam topics, and sample questions. You’ll get expert advice on how to solve exam problems, flashcards and quizzes to maximize learning, and sample tests to practice taking the exam. Guided labs are included to give you hands-on experience completing the tasks required of AWS security professionals.

Who should take this course

Skill level | Intermediate to advanced

  • Anyone preparing for the AWS Security Specialty exam to get certified
  • IT professionals looking to level up their knowledge of Amazon Web Services security and practice with real-world examples

It is recommended that you have basic knowledge of general security concepts and AWS security concepts before taking this course.

For an optimal course experience, we recommend using these browsers and devices.

Course includes

  • 5+ hours of expert-led training videos to watch and learn at your own pace
  • Hands-on labs to simulate the experience of applying AWS security skills to the 5 domains of the Security Specialty exam
  • Self-study tools, such as flashcards to master key terms and quizzes to self-assess your progress
  • Complete practice tests to ensure you’re ready to take the AWS Security Specialty exam with confidence
  • 1 year of access*

What you'll learn

This self-paced certification course will help you master all the skills tested on the AWS Security Specialty exam, including but not limited to:

  • Determining and applying correct responses for various security incidents and monitoring situations
  • Applying automated log management processes and navigating complex implementation scenarios
  • Evaluating IAM policy examples and troubleshooting broken permissions
  • Enabling server-side encryption for CloudWatch logs
  • Implementing end-to-end encryption for an application infrastructure

*Retake guarantee

Retake guaranteeDidn't pass your certification exam on your first try? We'll give you six months of additional access at no cost.

About Pearson IT Training Courses

Pearson IT Training Courses are complete and affordable packages of expert-led, self-paced courses designed to help you stand out with in-demand skills that take your career to the next level.

From learning to hands-on practice and application, our comprehensive certification prep courses ensure you are ready for exam success.

Course expert

  • Chad Smith - Certified AWS architect

    Chad Smith

    Chad Smith is the Principal Cloud Architect at Brightkey.cloud. He is a certified architect for both Amazon Web Services and Google Cloud Platform. He brings a wealth of relevant experience in cloud adoption, infrastructure design, data security, and cloud operations. Chad holds current AWS certifications in Architecture (Associate and Professional), SysOps, Security, Database, and Networking.

Course outline

  • Introduction
  • Module introduction
  • Lesson 1: AWS Certified Security - Specialty Basics
    • Learning objectives
    • 1.1 Introduction to Security
    • 1.2 Exam Details
    • 1.3 Course Scope Details
    • 1.4 Certification Candidate Skills
    • Lesson 1: Quiz
  • Module introduction
  • Lesson 2: Incident Response
    • Learning objectives
    • 2.1 Abuse Notice Strategies
    • 2.2 Incident Response Basics
    • 2.3 IR Preparation
    • 2.4 IR Detection & Analysis
    • 2.5 IR Containment Eradication & Recovery
    • 2.6 IR Post-Incident Activity
    • 2.7 Case Study: Compromised EC2
    • 2.8 Question Breakdown
    • Exercise: Enable GuardDuty, Configure EventBridge Rule to Send Notification to SNS
    • Lesson 2: Flashcards
    • Lesson 2: Quiz
  • Module introduction
  • Lesson 3: Security Monitoring
    • Learning objectives
    • 3.1 Infrastructure Security Monitoring
    • Lab: Enabling and Disabling GuardDuty
    • Lab: Creating VPC Flow Logs
    • 3.2 Application Security Monitoring
    • Lab: Enabling CloudTrail
    • 3.3 Account Security Monitoring
    • 3.4 Troubleshooting Security Monitoring
    • Lab: Creating a CloudWatch Alarm
    • 3.5 Case Study: Broken Monitoring
    • 3.6 Question Breakdown
    • Exercise: Enable CloudTrail for Account with S3 and CWL
    • Lesson 3: Flashcards
    • Lesson 3: Quiz
  • Lesson 4: Logging Solutions
    • Learning objectives
    • 4.1 Access Logs
    • Lab: Enabling Access Logging for an Amazon S3 Bucket
    • 4.2 Execution Logs
    • Viewing Logs Using the Lambda Console
    • 4.3 Security Logs
    • 4.4 Log Processing
    • Lab: Creating a Kinesis Firehose Delivery Stream
    • 4.5 Case Study: Automated Log Management
    • 4.6 Question Breakdown
    • Exercise: Enable VPC Flow Logs on a Default VPC
    • Lesson 4: Flashcards
    • Lesson 4: Quiz
  • Module introduction
  • Lesson 5: Infrastructure Security Part 1
    • Learning objectives
    • 5.1 Edge Security
    • 5.2 VPC Network Security
    • Lab: Creating an AWS VPC
    • Lab: Creating a Subnet within VPC
    • Lab: Creating a Security Group
    • Lab: Creating a Custom Route Table
    • 5.3 VPC Egress Security
    • Lab: Creating an Internet Gateway
    • Lab: Creating a VPC Peering Connection
    • Lab: Creating a Gateway Endpoint
    • Lab: Creating an Interface Endpoint
    • 5.4 Multiple VPC Strategies
    • Lab: Creating a Transit Gateway
    • 5.5 Case Study: Multi-scope Infrastructure Design
    • 5.6 Question Breakdown
    • Exercise: Configure Inbound and Outbound Network ACLs for a VPC
    • Lesson 5: Flashcards
    • Lesson 5: Quiz
  • Lesson 6: Infrastructure Security Part 2
    • Learning objectives
    • 6.1 Network Troubleshooting
    • 6.2 Host-Based Security
    • Lab: Using Amazon EC2
    • Lab: Creating an SNS Topic
    • Lab: Creating the AWS Lambda Function and Invoking It
    • 6.3 Case Study: The Golden AMI Pipeline
    • Lab: Creating an AMI from a Launched Instance
    • Lab: Creating an AWS Elastic Beanstalk Application
    • 6.4 Question Breakdown
    • Exercise: Install Amazon Inspector Agent on EC2 and Execute Assessment Run
    • Lesson 6: Flashcards
    • Lesson 6: Quiz
  • Module introduction
  • Lesson 7: Permissions and Roles
    • Learning objectives
    • 7.1 AWS Credentials
    • 7.2 IAM Policy Details
    • 7.3 IAM Policy Conditions
    • 7.4 Policy Evaluation Logic
    • 7.5 Assuming IAM Roles
    • Lab: Creating an IAM Role
    • Lab: Creating an IAM Policy
    • 7.6 Case Study: IAM Policy Examples
    • 7.7 Question Breakdown
    • Exercise: Create an IAM Policy with two conditions. The first condition will allow EC2 instance launch from your IP, the second condition will deny EC2 instance launch if there is no Name tag.
    • Lesson 7: Flashcards
    • Lesson 7: Quiz
  • Lesson 8: Federation and Resource-based Access Control
    • Learning objectives
    • 8.1 SAML Federation
    • 8.2 Cognito User Pool Federation
    • Lab: Creating a User Pool
    • 8.3 Cognito Identity Pool Federation
    • 8.4 AWS SSO Federation
    • 8.5 AWS Organizations
    • 8.6 S3 Access Control
    • Lab: Creating an Amazon S3 Bucket
    • 8.7 API Gateway and Lambda Access Control
    • 8.8 Troubleshooting Permissions
    • Lab: Creating an Elasticsearch Domain
    • 8.9 Case Study: Broken Permission Examples
    • 8.10 Question Breakdown
    • Exercise: Create an S3 Bucket ACL to Enable Access Logs from Another S3 Bucket
    • Lesson 8: Flashcards
    • Lesson 8: Quiz
  • Module introduction
  • Lesson 9: Key Management
    • Learning objectives
    • 9.1 Symmetric Data Encryption
    • Lab: Creating and Disabling an AWS KMS Key
    • Lab: Creating an AWS CloudHSM Cluster
    • 9.2 AWS KMS Basics
    • 9.3 AWS KMS Access Control
    • 9.4 AWS CloudHSM
    • 9.5 AWS Certificate Manager
    • Lab: Creating CloudFront
    • Lab: Creating an Elastic Load Balancer
    • 9.6 Using Keys for Authentication
    • 9.7 Troubleshooting Key Management
    • 9.8 Case Study: CloudWatch Logs Encryption
    • 9.9 Question Breakdown
    • Exercise: Create a KMS CMK with Key Policy for S3 Server-Side Encryption
    • Lesson 9: Flashcards
    • Lesson 9: Quiz
  • Lesson 10: Data Encryption At-rest and In Transit
    • Learning objectives
    • 10.1 Data Encryption At-rest by Default
    • Lab: Creating a Glacier Vault
    • Lab: Creating a DynamoDB Table and Putting Items in it
    • 10.2 Data Encryption At-rest as Option
    • Lab: Creating an SQS Queue
    • Lab: Creating an Amazon Redshift Cluster
    • Lab: Configuring Amazon ElastiCache
    • Lab: Creating an Amazon Elastic File System
    • 10.3 Data Encryption At-rest Operations
    • 10.4 Data Encryption In Transit - Web
    • 10.5 Data Encryption In Transit - Storage
    • 10.6 Data Encryption In Transit - Network
    • Lab: Creating a Virtual Private Gateway
    • 10.7 Case Study: End-to-End Encryption
    • 10.8 Question Breakdown
    • Exercise: Configure At-rest Encryption for an EBS Volume
    • Lesson 10: Flashcards
    • Lesson 10: Quiz
  • Module introduction
  • Lesson 11: Next Steps
    • Learning objectives
    • 11.1 Study Strategies
    • 11.2 Study Resources
  • Summary
Add to cart form
$250

Everything you need

  • Video-based lessons (5+ hours)
  • Interactive lab exercises
  • Self-study quizzes
  • Practice tests
  • 1-year access

Course experts

  • Chad Smith

    Top-ranked AWS and Google Cloud trainer

    Chad Smith

Recommended for you

AWS Certified Security - Specialty Training Course

$250.00