AWS Certified Security Specialty Exam

Tutorials Dojo Study Guide and Cheat Sheets - AWS Certified Security - Specialty
TABLE OF CONTENTS
INTRODUCTION
AWS CERTIFIED SECURITY SPECIALTY EXAM OVERVIEW
AWS CERTIFIED SECURITY SPECIALTY EXAM - STUDY GUIDE AND TIPS
Domain 1: Incident Response
	Overview
	Using AWS Config Rules for Automated Checks and Remediation
	Incident Response Management using Trusted Advisor
	Evaluating the Impact of an Exposed AWS Access Key
	Incident Response Using Amazon GuardDuty
	AWS Personal Health Dashboard
	Using Amazon Inspector for Incident Management
	AWS Systems Manager Patch Manager
	Securing Amazon EC2 Instances That Have Compromised SSH Private Keys
	AWS Artifact Security Reports and AWS Compliance-Related Information
	AWS Abuse
Domain 2: Logging and Monitoring
	Overview
	Logging and Monitoring Services in AWS
	AWS CloudTrail
	Central Logging Using AWS CloudTrail
	Amazon CloudWatch Logs Agent Troubleshooting
	Central Log Collection using CloudWatch Logs
	Using CloudWatch Metric Filter When Too Many Unauthorized AWS API Requests areIdentified
	Amazon CloudWatch Managed Policies
	Real-time Logging Using Kinesis Firehose and Elasticsearch
Domain 3: Infrastructure Security
	Overview
	AWS Key Management Service (AWS KMS) Basics
	AWS KMS API
	Delegating Permissions and KMS Actions in AWS KMS
	AWS KMS Customer Master Key (CMK) Rotation
	Using Encryption Context for Additional Authenticated Data (AAD) to Support AuthenticatedEncryption
	Storing Encryption Keys Using AWS CloudHSM
	AWS WAF and AWS Firewall Manager
	Block User Requests from Bot that Has a Distinct User-Agent HTTP Header
	Adding HTTP Security Headers Using Lambda@Edge and CloudFront
	Securing Amazon S3 and CloudFront Web Distributions
	Uploading Large Sensitive Files in KMS-Encrypted S3 Bucket
	Protecting from DDOS Attacks through AWS Shield
	Investigating AWS Resources that are Possibly Compromised
	User Authentication Using Amazon Cognito
	Managing Instance Profile
	Using VPN to Protect Employees Who are Connecting to AWS Resources
	Penetration Testing in AWS
	AWS Billing Permissions
	Preventing Staff from Adding Rules to Security Groups without any Approval
	Setting up Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) Software
	Setting up ADFS Federation Between On-premises Active Directory and AWS
	NACL - Ephemeral Port Range
	Minimize Potential Attack Surface
	Using AWS Systems Manager Parameter Store and AWS Secrets Manager to Store SystemCredentials
	Amazon VPC Flows Logs
	Amazon GuardDuty Multi-account Aggregation
	Host-Based Security
	Domain Whitelisting Using Proxy Servers
	Certificate Management Using AWS Certificate Manager
	Elastic Load Balancer Security
	DynamoDB Security
Domain 4: Identity and Access Management
	Overview
	Troubleshooting Amazon QuickSight and Athena Connectivity
	AWS IAM Basics
	AWS IAM Identities in AWS
	How AWS IAM Handles Conflicting IAM Policies Attached to a Resource
	IAM Permissions Boundary
	Using the iam:PassRole permission to pass an IAM Role to AWS Services
	Mapping Permissions of Active Directory User Attributes to AWS Services
	Using AWS Organizations to Provide Access to Third-Party AWS Accounts
	Generating Credential Reports for your AWS Account Using AWS IAM
	Choosing the Most Suitable AWS STS API for Authentication
Domain 5: Data Protection
	Overview
	Securing Data In AWS CloudFront
	Using Elastic Load Balancer For Encrypting Traffic
	Recovering the Data of an Encrypted Amazon EBS Volume if You Lose the CMK
	Vault Locking in Amazon S3 Glacier
	Data Protection in Amazon Kinesis Data Analytics
	Protecting Your S3 Bucket
AWS CHEAT SHEETS
	Amazon Cognito
	Amazon Detective
	Amazon GuardDuty
	Amazon Inspector
	Amazon Macie
	AWS Artifact
	AWS Certificate Manager
	AWS Directory Service
	AWS Fargate
	AWS Identity and Access Management (AWS IAM)
	AWS Organizations
	AWS Resource Access Manager
	AWS Secrets Manager
	AWS Security Hub
	AWS Shield
	AWS WAF
	Comparison of AWS Services
FINAL REMARKS AND TIPS
ABOUT THE AUTHORS