Top learnings from AWS Security

1
www.infosectrain.com
Top learnings from AWS Security
2
InfosecTrain
About Us
InfosecTrain is one of the finest Security and
Technology Training and Consulting organization,
focusing on a range of IT Security Trainings and
Information Security Services. InfosecTrain was
established in the year 2016 by a team of
experienced and enthusiastic professionals, who
have more than 15 years of industry experience.
We provide professional training, certification
consulting services related to all areas of
Information Technology and Cyber Security.
3
(No Transcript)
4
Top learnings from AWS Security

• Its presumably nothing unexpected that security
  is one of the most popular game plays in the IT
  industry. In the age of cyberwarfare, security is
  the most important aspect of any organization or
  an individual. Its likewise profoundly
  imperative to our clients and any organization
  thinking about moving to the cloud. Cloud
  technology is exponentially growing, and as it
  acquires the market, the need for securing it
  from breaches and vulnerabilities grows
  proportionally. The AWS Certified Security
  Specialty certification concedes expert cloud
  security specialists to verify and certify their
  understanding of securing the AWS domain. This
  examination is designed for peers who perform a
  security role in an organization. It authorizes a
  candidates ability to adequately express
  knowledge of how to secure the AWS platform.
• Path to AWS Certified Security Specialty
• There are four levels of AWS Certifications.  It
  starts with the Foundational level, followed by
  the Associate level, Professional level, and
  Specialty level.  The AWS Certified Security
  Specialty falls under the Specialty
  certification level. The various certifications
  under each level are

• CCISO Certification

5

• Foundational certifications The AWS Certified
  Cloud Practitioner certificate is the initial
  certification that does not demand any prior
  experience. An essential comprehension of AWS
  cloud administrations is adequate to take this
  certification program. 
• Associate certification The Associate level
  certifications are followed by AWS Certified
  Solution Architect, AWS Certified SysOps
  Administrator, and AWS Certified Developer
  Associate. 
• Professional certification The certifications
  that are at the professional level are Solution
  Architect Professional and AWS Certified DevOps
  Engineer. 
• Specialty certification The certifications that
  fall under this category are AWS Certified
  Advanced Networking, AWS Certified Security
  Specialty, AWS Certified Machine Learning
  Specialty, AWS Certified Alexa Skill Builder,
  AWS Certified Database Specialty, and AWS
  Certified Data Analytics Specialty.

6
Benefits of AWS Security Specialty Certification

• The AWS Security Specialty certification is one
  of the first Security certifications from AWS and
  comes with a lot of benefits. Some of its
  benefits are
• It provides you with a sound knowledge of the
  security domain of AWS infrastructure.
• It provides you a greater level of understanding
  of specialized data classifications and AWS data
  protection mechanisms.
• It provides knowledge of data-encryption methods
  and AWS mechanisms to implement them.
• It provides insight into secure Internet
  protocols and AWS mechanisms to implement them.
• It renders the practical experience of AWS
  security services and features of services to
  provide security of the production environment.
• It lets you gain competency from two or more
  years of production deployment experience using
  AWS security services and features.
• It provides you an ability to execute tradeoff
  conclusions with regard to cost, security, and
  deployment complexity given a set of application
  specifications.
• It gives you an in-depth knowledge of security
  operations and risks.
• Candidates with this certification add more value
  to their organization than their co-workers.
• It is one of the top 10 most popular
  cybersecurity certifications of 2020.

7

• Objectives of the exam
• The AWS Security exam not only validates your
  knowledge of the security study, but it also
  provides
• A comprehension of particular Data
  Classifications and AWS Data Protection
  Mechanisms Data Classification is an essential
  approach in Cybersecurity Risk management. It
  includes distinguishing the kinds of data that
  are being handled and stored. AWS offers a few
  services and assistance that can encourage the
  organization, implementation of data
  classification, and protection mechanism. 
• A comprehension of data-encryption strategies and
  AWS mechanisms to execute them Data protection
  ensures the protection of data while in transit
  and data at rest. You can secure data in transit
  by adopting SSL or by using client-side
  encryption. Be that as it may, you have different
  choices to ensure the protection of data at rest
  and in transit using AWS services.
• A comprehension of secure internet protocols and
  AWS mechanisms to perform them While reaching
  out to AWS resources for data transmission, you
  must use HTTPS rather than HTTP for better
  communication security. HTTPS uses SSL or TLS
  protocol, which uses public-key cryptography to
  prevent eavesdropping, tampering, and forgery.
  You have to get accustomed to these protocols and
  their implementation with various AWS services. 

8

• Working familiarity with AWS security services
  and features of services to provide a secure
  production environment It is essential to play
  out certain active labs or practices when you
  prepare for the exam. Half of the exam questions
  will focus on low-level technical details or
  implementation. It will be hard to answer them
  without any hands-on experience. 
• Competency picked up from at least two years of
  production deployment experience using AWS
  security services and features This is like the
  former objective but focuses more on production
  implementation expertise. When we talk about
  production, it is more enthralled on incident
  response monitoring and logging domains. 
• Intelligence to perform tradeoff choices
  concerning cost, security, and deployment
  complexity is given a set of application
  obligations This goal is more centered on
  testing our ability to make decisions depending
  on the selected design solutions against security
  and cost. Sometimes your design might be a
  cost-effective design, but it may not fulfill the
  security requirements, or you may have the best
  solution to address the security requirements,
  but it may not fall under your operational
  budget. So, when you design a solution, you must
  consider other requirements such as cost,
  security, resource, and complexity of your
  solution
• Comprehension of Security operations and
  risks Although governance risk and compliance
  are considered discrete functions, there is a
  relationship. Governance establishes the strategy
  and control for meeting specific requirements
  that align and support the business. Risk
  management interfaces explicit controls to the
  governance and evaluates risk, and provides
  business leaders with the information they
  require to make the decisions. It is a more
  functional area to focus on, which spreads across
  all exam domains.

9

• Recommended AWS knowledge
• Here are some of the recommended requirements and
  prerequisites, but these are not mandatory.
• A minimum of five years of experience in the IT
  security domain designing and implementing
  security solutions
• At least two years of experience in securing AWS
  workloads
• Knowledge of implementing security controls for
  workloads on AWS
• Exam details
• Exam Pattern Multiple Choice, Multiple
  responsesDuration 170 minutesNumber of
  questions 65Passing score 750 out of 1000
• Domains of Security SpecialityThe AWS Security
  Specialty certification deals in five domains
• Domain 1 Incident Response (12)
• Assess suspected compromised instance and exposed
  access keys
• Validate that the Incident Response plan include
  relevant AWS services
• Assess configuration of automated alerting, and
  execute possible remediation of security-related
  incidents and emerging issues

10

• Domain 2 Logging and Monitoring (20)
• Design and implement security monitoring and
  alerting.
• Troubleshoot security monitoring and alerting.
• Design and implement a logging solution.
• Troubleshoot logging solutions.
• Domain 3 Infrastructure Security (26)
• Design edge security on AWS.
• Design and implement a secure network
  infrastructure.
• Troubleshoot a secure network infrastructure.
• Design and implement host-based security.
• Domain 4 Identity and Access Management (20)
• Design and deploy a scalable authorization and
  authentication system for accessing AWS
  resources.
• Troubleshoot the authorization and authentication
  system to access various AWS resources.

11

• Domain 5 Data Protection (22)
• Design and implement key management
• Troubleshoot key management
• Create and implement a data encryption solution
  for data at rest and data in transit.
• AWS Security Specialty with InfosecTrain
• You can join the AWS Certified Security
  Specialty Training (SCS-C01) for professional
  knowledge and an in-depth understanding of Cloud
  security. We are one of the prominent training
  providers with our well-read and experienced
  trainers. The courses will help you understand
  the basic concepts and provide a sound knowledge
  of the subject. This certification will truly
  merit each penny and minute you have invested.

12
(No Transcript)
13
ABOUT OUR COMPANY
OUR CONTACT
InfosecTrain welcomes overseas customers to come
and attend training sessions in destination
cities across the globe and enjoy their learning
experience at the same time.
 44 7451208413
https//www.facebook.com/Infosectrain/
sales_at_infosectrain.com
https//www.linkedin.com/company/infosec-train/
www.infosectrain.com
https//www.youtube.com/c/InfosecTrain