ورود به حساب

نام کاربری گذرواژه

گذرواژه را فراموش کردید؟ کلیک کنید

حساب کاربری ندارید؟ ساخت حساب

ساخت حساب کاربری

نام نام کاربری ایمیل شماره موبایل گذرواژه

برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید


09117307688
09117179751

در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید

دسترسی نامحدود

برای کاربرانی که ثبت نام کرده اند

ضمانت بازگشت وجه

درصورت عدم همخوانی توضیحات با کتاب

پشتیبانی

از ساعت 7 صبح تا 10 شب

دانلود کتاب AWS Security Cookbook: Practical solutions for managing security policies, monitoring, auditing, and compliance with AWS

دانلود کتاب کتاب آشپزی امنیتی AWS: راه حل های عملی برای مدیریت سیاست های امنیتی، نظارت، ممیزی و انطباق با AWS

AWS Security Cookbook: Practical solutions for managing security policies, monitoring, auditing, and compliance with AWS

مشخصات کتاب

AWS Security Cookbook: Practical solutions for managing security policies, monitoring, auditing, and compliance with AWS

ویرایش:  
نویسندگان:   
سری:  
ISBN (شابک) : 1838826254, 9781838826253 
ناشر: Packt Publishing 
سال نشر: 2020 
تعداد صفحات: 0 
زبان: English 
فرمت فایل : MOBI (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود) 
حجم فایل: 66 مگابایت 

قیمت کتاب (تومان) : 47,000

در صورت ایرانی بودن نویسنده امکان دانلود وجود ندارد و مبلغ عودت داده خواهد شد



ثبت امتیاز به این کتاب

میانگین امتیاز به این کتاب :
       تعداد امتیاز دهندگان : 9


در صورت تبدیل فایل کتاب AWS Security Cookbook: Practical solutions for managing security policies, monitoring, auditing, and compliance with AWS به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.

توجه داشته باشید کتاب کتاب آشپزی امنیتی AWS: راه حل های عملی برای مدیریت سیاست های امنیتی، نظارت، ممیزی و انطباق با AWS نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.


توضیحاتی در مورد کتاب کتاب آشپزی امنیتی AWS: راه حل های عملی برای مدیریت سیاست های امنیتی، نظارت، ممیزی و انطباق با AWS



زیرساخت خدمات وب آمازون (AWS) خود را با خط‌مشی‌های مجوز، مدیریت کلید، و امنیت شبکه، همراه با پیروی از بهترین شیوه‌های امنیت ابری، ایمن کنید

ویژگی‌های کلیدی< /h4>

  • دستورالعمل‌های مفید برای پیاده‌سازی راه‌حل‌های امنیتی ابری قوی در AWS را کاوش کنید
  • زیرساخت‌های AWS و بارهای کاری خود را با استفاده از CloudWatch، CloudTrail، config، GuardDuty و Macie نظارت کنید
  • با بررسی مدل‌های امنیتی مختلف و پیشنهادات انطباق، برای آزمون AWS Certified Security-Specialty آماده شوید

توضیحات کتاب

به عنوان یک مشاور امنیتی، زیرساخت‌های خود را با اجرای سیاست‌ها و پیروی از بهترین شیوه ها حیاتی است. این کتاب آشپزی راه‌حل‌های عملی برای رایج‌ترین مشکلات مربوط به حفاظت از زیرساخت، پوشش خدمات و ویژگی‌های AWS را مورد بحث قرار می‌دهد که می‌تواند به شما در پیاده‌سازی مدل‌های امنیتی مانند سه‌گانه CIA (محرمانه، یکپارچگی، و در دسترس بودن) و سه‌گانه AAA (احراز هویت، مجوز) کمک کند. ، و در دسترس بودن)، همراه با عدم انکار.

این کتاب با خط‌مشی‌های IAM و S3 شروع می‌شود و بعداً شما را با امنیت داده‌ها، امنیت برنامه‌ها، نظارت و انطباق سریع آشنا می‌کند. این شامل همه چیز است، از استفاده از فایروال ها و متعادل کننده های بار گرفته تا نقاط پایانی ایمن، تا استفاده از Cognito برای مدیریت کاربران و احراز هویت. در طول این کتاب، شما یاد خواهید گرفت که از خدمات امنیتی AWS مانند Config برای نظارت استفاده کنید و همچنین با GuardDuty، Macie و Inspector مطابقت داشته باشید. در نهایت، این کتاب بهترین شیوه‌های امنیت ابر را پوشش می‌دهد و نشان می‌دهد که چگونه می‌توانید خدمات امنیتی اضافی مانند Glacier Vault Lock و Security Hub را برای تقویت بیشتر زیرساخت‌های خود ادغام کنید.

در پایان این کتاب، شما به خوبی با تکنیک های مورد نیاز برای ایمن سازی استقرارهای AWS آشنا خواهید شد، همراه با دانش آماده شدن برای گواهینامه AWS Certified Security – Speciality.

< h4>آنچه یاد خواهید گرفت
  • کاربران، گروه‌ها، نقش‌ها و خط‌مشی‌ها را در حساب‌ها ایجاد و مدیریت کنید
  • از سرویس‌های مدیریت‌شده AWS برای ثبت، نظارت و ممیزی استفاده کنید
  • بررسی انطباق با سرویس‌های مدیریت‌شده AWS که از یادگیری ماشینی استفاده می‌کنند
  • ایمنی و در دسترس بودن را برای نمونه‌ها و برنامه‌های EC2 فراهم می‌کند
  • ایمن کردن داده‌ها با استفاده از رمزگذاری متقارن و نامتقارن
  • مدیریت استخرهای کاربر و استخرهای هویت با ورود به سیستم

این کتاب برای چه کسی است

اگر حرفه ای در زمینه امنیت فناوری اطلاعات، معمار امنیت ابر، یا توسعه دهنده برنامه های کاربردی ابری هستید روی نقش های مرتبط با امنیت کار می کنید و علاقه مند به استفاده از زیرساخت AWS برای استقرار برنامه های امن هستید، پس این کتاب خدمات وب آمازون برای شما مناسب است. همچنین اگر به دنبال دریافت گواهینامه AWS هستید، این کتاب برای شما مفید خواهد بود. دانش قبلی در مورد AWS و محاسبات ابری برای استفاده حداکثری از این کتاب مورد نیاز است.

فهرست محتوا

  1. مدیریت حساب‌های AWS با IAM و سازمان‌ها< li>ایمن‌سازی داده‌ها در S3 با خط‌مشی‌ها و تکنیک‌ها
  2. استخرهای کاربر و استخرهای هویت با Cognito
  3. مدیریت کلید با KMS و CloudHSM
  4. امنیت شبکه با VPCli>
  5. کار با نمونه های EC2
  6. امنیت وب با استفاده از ELB، CloudFront و WAF
  7. نظارت با CloudWatch، CloudTrail و Config
  8. انطباق با GuardDuty ، Macie و Inspector
  9. خدمات و اقدامات اضافی برای امنیت AWS

توضیحاتی درمورد کتاب به خارجی

Secure your Amazon Web Services (AWS) infrastructure with permission policies, key management, and network security, along with following cloud security best practices

Key Features

  • Explore useful recipes for implementing robust cloud security solutions on AWS
  • Monitor your AWS infrastructure and workloads using CloudWatch, CloudTrail, config, GuardDuty, and Macie
  • Prepare for the AWS Certified Security-Specialty exam by exploring various security models and compliance offerings

Book Description

As a security consultant, securing your infrastructure by implementing policies and following best practices is critical. This cookbook discusses practical solutions to the most common problems related to safeguarding infrastructure, covering services and features within AWS that can help you implement security models such as the CIA triad (confidentiality, integrity, and availability), and the AAA triad (authentication, authorization, and availability), along with non-repudiation.

The book begins with IAM and S3 policies and later gets you up to speed with data security, application security, monitoring, and compliance. This includes everything from using firewalls and load balancers to secure endpoints, to leveraging Cognito for managing users and authentication. Over the course of this book, you'll learn to use AWS security services such as Config for monitoring, as well as maintain compliance with GuardDuty, Macie, and Inspector. Finally, the book covers cloud security best practices and demonstrates how you can integrate additional security services such as Glacier Vault Lock and Security Hub to further strengthen your infrastructure.

By the end of this book, you'll be well versed in the techniques required for securing AWS deployments, along with having the knowledge to prepare for the AWS Certified Security – Specialty certification.

What you will learn

  • Create and manage users, groups, roles, and policies across accounts
  • Use AWS Managed Services for logging, monitoring, and auditing
  • Check compliance with AWS Managed Services that use machine learning
  • Provide security and availability for EC2 instances and applications
  • Secure data using symmetric and asymmetric encryption
  • Manage user pools and identity pools with federated login

Who this book is for

If you are an IT security professional, cloud security architect, or a cloud application developer working on security-related roles and are interested in using AWS infrastructure for secure application deployments, then this Amazon Web Services book is for you. You will also find this book useful if you're looking to achieve AWS certification. Prior knowledge of AWS and cloud computing is required to get the most out of this book.

Table of Contents

  1. Managing AWS Accounts with IAM and Organizations
  2. Securing Data on S3 with Policies and Techniques
  3. User Pools and Identity Pools with Cognito
  4. Key Management with KMS and CloudHSM
  5. Network Security with VPC
  6. Working with EC2 Instances
  7. Web Security Using ELBs, CloudFront, and WAF
  8. Monitoring with CloudWatch, CloudTrail, and Config
  9. Compliance with GuardDuty, Macie, and Inspector
  10. Additional Services and Practices for AWS Security


فهرست مطالب

Cover
Title Page
Copyright and Credits
Dedication
About Packt
Contributors
Table of Contents
Preface
Chapter 1: Managing AWS Accounts with IAM and Organizations
	Technical requirements
	Configuring IAM for a new account
		Getting ready
		How to do it...
			Creating a billing alarm
		How it works...
		There\'s more...
		See also
	Creating IAM policies
		Getting ready
		How to do it...
			Creating policies with the IAM visual editor
			Creating policies using the AWS CLI
		How it works...
		There\'s more...
		See also
	Creating a master account for AWS Organizations
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating a new account under an AWS Organization
		Getting ready
		How to do it...
			Creating an account and OU from the CLI
			Creating and moving an account from the console
		How it works...
		There\'s more...
		See also
	Switching roles with AWS Organizations
		Getting ready
		How to do it...
			Switching as an administrator
			Granting permission for a non-admin user to switch roles
			Granting permission for a non-admin user to switch roles using the CLI
		How it works...
			Switching roles between any two accounts
		There\'s more...
		See also
Chapter 2: Securing Data on S3 with Policies and Techniques
	Technical requirements
	Creating S3 access control lists
		Getting ready
		How to do it...
			Granting READ ACLs for a bucket to everyone from the console
			Granting READ for AWS users using predefined groups from the CLI
			Granting public READ for an object with canned ACLs from the CLI
		How it works...
		There\'s more...
			Comparing ACLs, bucket policies, and IAM policies
		See also
	Creating an S3 bucket policy
		Getting ready
		How to do it...
			Bucket public access with a bucket policy from the console
			Bucket list access with a bucket policy from the CLI
		How it works...
		There\'s more...
		See also
	S3 cross-account access from the CLI
		Getting ready
		How to do it...
			Uploading to a bucket in another account
			Uploading to a bucket in another account with a bucket policy
		How it works...
		There\'s more...
		See also
	S3 pre-signed URLs with an expiry time using the CLI and Python
		Getting ready
		How to do it...
			Generating a pre-signed URL from the CLI
			Generating a pre-signed URL using the Python SDK
		How it works...
		There\'s more...
		See also
	Encrypting data on S3
		Getting ready
		How to do it...
			Server-side encryption with S3-managed keys (SSE-S3)
			Server-side encryption with KMS-managed keys (SSE-KMS)
			Server-side encryption with customer-managed keys (SSE-C)
		How it works...
		There\'s more...
		See also
	Protecting data with versioning
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Implementing S3 cross-region replication within the same account
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Implementing S3 cross-region replication across accounts
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
Chapter 3: User Pools and Identity Pools with Cognito
	Technical requirements
	Creating Amazon Cognito user pools
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating an Amazon Cognito app client
		Getting ready
		How to do it...
		How it works...
		There\'s more...
			Customizing workflows with triggers
		See also
	User creation and user signups
		Getting ready
		How to do it...
			Creating a user by an administrator
			Creating a user through self-signup with admin confirmation
			Creating a user through self-signup with self-confirmation
		How it works...
		There\'s more...
		See also
	Implementing an admin authentication flow
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Implementing a client-side authentication flow
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Working with Cognito groups
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Federated identity with Cognito user pools
		Getting ready
		How to do it...
			Configuring within the Amazon developer portal
			Configuring in Cognito
		How it works...
		There\'s more...
		See also
Chapter 4: Key Management with KMS and CloudHSM
	Technical requirements
	Creating keys in KMS
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using keys with external key material
		Getting ready
		How to do it...
			Creating key configuration for an external key
			Generating our key material using OpenSSL
			Continuing with key creation from the console
		How it works...
		There\'s more...
		See also
	Rotating keys in KMS
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Granting permissions programmatically with grants
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using key policies with conditional keys
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Sharing customer-managed keys across accounts
		Getting ready
		How to do it...
			Creating a key and giving permission to the other account
			Using the key as an administrator user from account 2
			Using the key as a non-admin user from account 2
		How it works...
		There\'s more...
		See also
	Creating a CloudHSM cluster
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Initializing and activating a CloudHSM cluster
		Getting ready
		How to do it...
			Initializing the cluster and creating our first HSM
			Launching an EC2 client instance and activating the cluster
		How it works...
		There\'s more...
		See also
Chapter 5: Network Security with VPC
	Technical requirements
	Creating a VPC in AWS
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating subnets in a VPC
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Configuring an internet gateway and a route table for internet access
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Setting up and configuring NAT gateways
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Working with NACLs
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using a VPC gateway endpoint to connect to S3
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Configuring and using VPC flow logs
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
Chapter 6: Working with EC2 Instances
	Technical requirements
	Creating and configuring security groups
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Launching an EC2 instance into a VPC
		Getting ready
		How to do it...
			General steps for launching an EC2 instance and doing SSH
			Launching an instance into our public subnet
			Launching an instance into our private subnet
		How it works...
		There\'s more...
		See also
	Setting up and configuring NAT instances
		Getting ready
		How to do it...
			Adding a route for the NAT instance
		How it works...
		There\'s more...
		See also
	Creating and attaching an IAM role to an EC2 instance
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using our own private and public keys with EC2
		Getting ready
		How to do it...
			Generating the keys
			Uploading a key to EC2
		How it works...
		There\'s more... 
		See also
	Using EC2 user data to launch an instance with a web server
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Storing sensitive data with the Systems Manager Parameter Store
		Getting ready
		How to do it...
			Creating a parameter in the AWS Systems Manager Parameter Store
			Creating and attaching role for the AWS Systems Manager
			Retrieving parameters from the AWS Systems Manager Parameter Store
		How it works...
		There\'s more...
		See also
	Using KMS to encrypt data in EBS
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
Chapter 7: Web Security Using ELBs, CloudFront, and WAF
	Technical requirements
	Enabling HTTPS on an EC2 instance 
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating an SSL/TLS certificate with ACM
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating a classic load balancer
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating ELB target groups
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using an application load balancer with TLS termination at the ELB
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using a network load balancer with TLS termination at EC2
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Securing S3 using CloudFront and TLS
		Getting ready
		How to do it...
			CloudFront distribution with CloudFront default domain
			CloudFront distribution with a custom domain and ACM certificate
		How it works...
		There\'s more...
		See also
	Configuring and using the AWS web application firewall (WAF)
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
Chapter 8: Monitoring with CloudWatch, CloudTrail, and Config
	Technical requirements
	Creating an SNS topic to send emails
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Working with CloudWatch alarms and metrics
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating a dashboard in CloudWatch
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating a CloudWatch log group
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Working with CloudWatch events
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Reading and filtering logs in CloudTrail
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating a trail in CloudTrail
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using Athena to query CloudTrail logs in S3
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Cross-account CloudTrail logging
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Integrating CloudWatch and CloudTrail
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Setting up and using AWS Config
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
Chapter 9: Compliance with GuardDuty, Macie, and Inspector
	Technical requirements
	Setting up and using Amazon GuardDuty
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Aggregating findings from multiple accounts in GuardDuty
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Setting up and using Amazon Macie
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Setting up and using Amazon Inspector
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating a custom Inspector template
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
Chapter 10: Additional Services and Practices for AWS Security
	Technical requirements
	Setting up and using AWS Security Hub
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Setting up and using AWS SSO
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Setting up and using AWS Resource Access Manager
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Protecting S3 Glacier vaults with Vault Lock
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using AWS Secrets Manager to manage RDS credentials
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Creating an AMI instead of using EC2 user data
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using security products from AWS Marketplace
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using AWS Trusted Advisor for recommendations
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
	Using AWS Artifact for compliance reports
		Getting ready
		How to do it...
		How it works...
		There\'s more...
		See also
Other Books You May Enjoy
Index




نظرات کاربران