


AWS Certified Security Specialty



Category : Specialty
Exam duration : 170 minutes
Exam format : 65 questions; either multiple choice or multiple response
Cost : 300 USD. Visit Exam pricing for additional cost information, including foreign exchange rates
Test in-person or online : Pearson VUE testing center or online proctored exam.
Languages offered : English, French (France), Italian, Japanese, Korean, Portuguese (Brazil), Simplified Chinese, and Spanish (Latin America)
SCS-C02

The AWS Certified Security - Specialty validates your expertise in creating and implementing security solutions in the AWS Cloud. This certification also validates your understanding of specialized data classifications and AWS data protection mechanisms; data-encryption methods and AWS mechanisms to implement them; and secure internet protocols and AWS mechanisms to implement them.



Course Details

1. Design and implement an incident response plan

  • AWS best practices for incident response
  • Cloud incidents
  • Roles and responsibilities in the incident response plan
  • AWS Security Finding Format (ASFF)

  • AWS managed security services that detect threats
  • Anomaly and correlation techniques to join data across services
  • Visualizations to identify anomalies
  • Strategies to centralize security findings

  • AWS Security Incident Response Guide
  • Resource isolation mechanisms
  • Techniques for root cause analysis
  • Data capture mechanisms
  • Log analysis for event validation

  • AWS services that monitor events and provide alarms (for example, CloudWatch, EventBridge)
  • AWS services that automate alerting (for example, Lambda, Amazon Simple Notification Service [Amazon SNS], Security Hub)
  • Tools that monitor metrics and baselines (for example, GuardDuty, Systems Manager)

  • Configuration of monitoring services (for example, Security Hub)
  • Relevant data that indicates security events

  • AWS services and features that provide logging capabilities (for example, VPC Flow Logs, DNS logs, AWS CloudTrail, Amazon CloudWatch Logs)
  • Attributes of logging capabilities (for example, log levels, type, verbosity)
  • Log destinations and lifecycle management (for example, retention period)

  • Capabilities and use cases of AWS services that provide data sources (for example, log level, type, verbosity, cadence, timeliness, immutability)
  • AWS services and features that provide logging capabilities (for example, VPC Flow Logs, DNS logs, CloudTrail, CloudWatch Logs)
  • Access permissions that are necessary for logging

  • Services and tools to analyze captured logs (for example, Athena, CloudWatch Logs filter)
  • Log analysis features of AWS services (for example, CloudWatch Logs Insights, CloudTrail Insights, Security Hub insights)
  • Log format and components (for example, CloudTrail logs)

  • Security features on edge services (for example, AWS WAF, load balancers, Amazon Route 53, Amazon CloudFront, AWS Shield)
  • Common attacks, threats, and exploits (for example, Open Web Application Security Project [OWASP] Top 10, DDoS)
  • Layered web application architecture

  • VPC security mechanisms (for example, security groups, network ACLs, AWS Network Firewall)
  • Inter-VPC connectivity (for example, AWS Transit Gateway, VPC endpoints)
  • Security telemetry sources (for example, Traffic Mirroring, VPC Flow Logs)
  • VPN technology, terminology, and usage
  • On-premises connectivity options (for example, AWS VPN, AWS Direct Connect)

  • Provisioning and maintenance of EC2 instances (for example, patching, inspecting, creation of snapshots and AMIs, use of EC2 Image Builder)
  • IAM instance roles and IAM service roles
  • Services that scan for vulnerabilities in compute workloads (for example, Amazon Inspector, Amazon Elastic Container Registry [Amazon ECR])
  • Host-based security (for example, firewalls, hardening)

  • How to analyze reachability (for example, by using VPC Reachability Analyzer and Amazon Inspector)
  • Fundamental TCP/IP networking concepts (for example, UDP compared with TCP, ports, Open Systems Interconnection [OSI] model, network operating system utilities)
  • How to read relevant log sources (for example, Route 53 logs, AWS WAF logs, VPC Flow Logs)

  • Methods and services for creating and managing identities (for example, federation, identity providers, AWS IAM Identity Center [AWS Single Sign-On], Amazon Cognito)
  • Long-term and temporary credentialing mechanisms
  • How to troubleshoot authentication issues (for example, by using CloudTrail, IAM Access Advisor, and IAM policy simulator)

  • Different IAM policies (for example, managed policies, inline policies, identity-based policies, resource-based policies, session control policies)
  • Components and impact of a policy (for example, Principal, Action, Resource, Condition)
  • How to troubleshoot authorization issues (for example, by using CloudTrail, IAM Access Advisor, and IAM policy simulator)

  • TLS concepts
  • VPN concepts (for example, IPsec)
  • Secure remote access methods (for example, SSH, RDP over Systems Manager Session Manager)
  • Systems Manager Session Manager concepts
  • How TLS certificates work with various network services and resources (for example, CloudFront, load balancers)
  • Encryption technique selection (for example, client-side, server-side, symmetric, asymmetric)
  • Integrity-checking techniques (for example, hashing algorithms, digital signatures)
  • Resource policies (for example, for DynamoDB, Amazon S3, and AWS Key Management Service [AWS KMS])
  • IAM roles and policies
  • Lifecycle policies
  • Data retention standards
  • Secrets Manager
  • Systems Manager Parameter Store
  • Usage and management of symmetric keys and asymmetric keys (for example, AWS KMS)

  • Multi-account strategies
  • Managed services that allow delegated administration
  • Policy-defined guardrails
  • Root account best practices
  • Cross-account roles
  • Deployment best practices with infrastructure as code (IaC) (for example, AWS CloudFormation template hardening and drift detection)
  • Best practices for tagging
  • Centralized management, deployment, and versioning of AWS services
  • Visibility and control over AWS infrastructure
  • Data classification by using AWS services
  • How to assess, audit, and evaluate the configurations of AWS resources (for example, by using AWS Config)
  • AWS cost and usage for anomaly identification
  • Strategies to reduce attack surfaces
  • AWS Well-Architected Framework


Fees Structure : 12500 INR / 150 USD
Total No of Class : 78 Video Class
Class Duration : 41:30 Working Hours
Download Feature : Download Available
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Friday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)


Fees Structure : 22500 INR / 270 USD
Class Duration : 45 Days
Class Recording : Live Class Recording available
Class Time : Monday to Friday 1.5 hours per day / Weekend 3 Hours per day
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Friday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)
