Advanced Architecting on Amazon Web Services: Security Architecture

Candidates for the AWS Certified Solutions Architect – Professional exam and other learners with advanced cloud implementation skills looking to get the best out of the Amazon Web Services platform

Prerequisite
None

Expected Duration
135 minutes

Description
Security is paramount for connected applications, and this is never more true than in the cloud. Amazon provides comprehensive advice and information about their services and how to protect and harden them. And this course guides you through that information. Data at rest and data in transit are secured systematically, service-by-service. This course is one in a series of Skillsoft courses that cover the objectives for the Amazon certification AWS Certified Solutions Architect – Professional.

Objective

Designing an ISMS

  • start the course
  • define and categorize assets on Amazon Web Services as part of an information security management system
  • design an information security management system for Amazon Web Services
  • Managing IAM

  • describe security considerations for accounts and identities on Amazon Web Services
  • describe security considerations for identity federation on Amazon Web Services
  • describe security considerations for managing access to Elastic Compute Cloud instances on Amazon Web Services
  • The Shared Responsibility Model

  • describe the shared responsibility model on Amazon Web Services
  • describe infrastructure services in the context of the shared responsibility model on Amazon Web Services
  • describe container services in the context of the shared responsibility model on Amazon Web Services
  • describe abstracted services in the context of the shared responsibility model on Amazon Web Services
  • Securing Data at Rest

  • describe security considerations for managing encryption keys on Amazon Web Services
  • describe risks to data at rest in Amazon Web Services
  • describe mitigation steps for protecting data at rest on Amazon Web Services’ Simple Storage Service
  • describe mitigation steps for protecting data at rest on Amazon Web Services’ Elastic Block Store
  • describe mitigation steps for protecting data at rest on Amazon Web Services’ Relational Database Service
  • describe mitigation steps for protecting data at rest on Amazon Web Services’ Glacier
  • describe mitigation steps for protecting data at rest on Amazon Web Services’ Elastic MapReduce
  • describe considerations for decommissioning data on Amazon Web Services
  • Securing Data in Transit

  • describe risks to data in transit on Amazon Web Services
  • describe steps for protecting Amazon Web Services’ administration traffic
  • describe mitigation steps for protecting data in transit to Amazon Web Services’ Simple Storage Service and Relational Database Service
  • describe mitigation steps for protecting data in transit to Amazon Web Services’ Elastic MapReduce
  • describe steps for mitigating compromise and abuse of systems on Amazon Web Services
  • describe network security implementation with Amazon Web Services’ Virtual Private Cloud
  • describe security zoning and segmentation for security on Amazon Web Services
  • describe mitigation steps for securing systems peripheral to Amazon Web Services
  • describe a layered approach to security defense for Amazon Web Services
  • Practice: Securing Services

  • describe a security approach for an application with a given set of services on Amazon Web Services
  • MONTHLY SUBSCRIPTION

    $129/month
     

    ANNUAL SUBSCRIPTION

    $1295/year

    Multi-license discounts available for Annual and Monthly subscriptions.