AWS Certified Security Study Guide
Specialty (SCS-C01) Exam
Marcello Zillo Neto, Gustavo A. A. Santana, Fernando Sapata, Mauricio Munoz, Alexandre M. S. P. Moraes, Thiago Morais, Dario Lucas Goldfarb
About This Book
Get prepared for the AWS Certified Security Specialty certification with this excellent resource
By earning the AWS Certified Security Specialty certification, IT professionals can gain valuable recognition as cloud security experts. The AWS Certified Security Study Guide: Specialty (SCS-C01) Exam helps cloud security practitioners prepare for success on the certification exam. It's also an excellent reference for professionals, covering security best practices and the implementation of security features for clients or employers.
Architects and engineers with knowledge of cloud computing architectures will find significant value in this book, which offers guidance on primary security threats and defense principles. Amazon Web Services security controls and tools are explained through real-world scenarios. These examples demonstrate how professionals can design, build, and operate secure cloud environments that run modern applications.
The study guide serves as a primary source for those who are ready to apply their skills and seek certification. It addresses how cybersecurity can be improved using the AWS cloud and its native security services. Readers will benefit from detailed coverage of AWS Certified Security Specialty Exam topics.
- Covers all AWS Certified Security Specialty exam topics
- Explains AWS cybersecurity techniques and incident response
- Covers logging and monitoring using the Amazon cloud
- Examines infrastructure security
- Describes access management and data protection
With a single study resource, you can learn how to enhance security through the automation, troubleshooting, and development integration capabilities available with cloud computing. You will also discover services and tools to develop security plans that work in sync with cloud adoption.
Chapter 1
Security Fundamentals
- Domain 1: Incident Response
- 1.2. Verify that the Incident Response plan includes relevant AWS services
- Domain 2: Logging and Monitoring
- 2.1. Design and implement security monitoring and alerting
- Domain 3: Infrastructure Security
- 3.1. Design edge security on AWS
- 3.2. Design and implement a secure network infrastructure
- Domain 4: Identity and Access Management
- 4.1. Design and implement a scalable authorization and authentication system to access AWS resources
- Domain 5: Data Protection
- 5.3. Design and implement a data encryption solution for data at rest and data in transit
Introduction
- Basic security definitions
- Foundational networking concepts
- Main classes of attacks
- Important security solutions and services
- Well-known security frameworks and models
Understanding Security
- Security is neither a product nor a service. First of all, there is no single product that can act as a “magic black box” that will automatically solve every problem. Moreover, the available capabilities of a given product will be helpful only when they are properly enabled for actual use.
- Security is not a technology. Technologies, including those that provide visibility and the ability to block traffic as well as respond to attack situations, may be grouped to form an important defensive system. However, the threat matrix is an ever-changing object, meaning that several techniques and tools that have been largely employed on well-known attack scenarios may prove ineffective when facing the newest challenges.
- Security is not static. It is not something that you do once and quickly forget. Processes must exist for dealing with planning, implementation, testing, and updating tasks. And all of these items must involve people and discipline.
- Security is not a check box. You should know what you are protecting against and, once you determine that, look for resources that can demonstrate true security effectiveness.
- Security is not made only by nominal security elements. In spite of the existence of dedicated security hardware and software products, security is not limited to them. For example, well-configured network infrastructure devices such as routers can make countless contributions to the overall security process.
- Security is not a beautiful graphical user interface (GUI). You should always understand what is going on behind the scenes (what is in the brain of the system) rather than relying blindly, for instance, on reports that state “you are protected.”
- Business Objectives: The main references for policy definition, these are related to the classic “Why are we here?” and “What are we trying to achieve?” questions that are answered in mission statements or company strategies for a period.
- Regulatory Requirements: These are specific to the industry sector to which the organization belongs and must always be considered. These requirements are normally able to gi...