更新时间:2021-06-11 18:13:51
封面
版权信息
About Packt
Why subscribe?
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Section 1: The Exam and Preparation
AWS Certified Security Specialty Exam Coverage
Aim of the certification
Intended audience
Domains assessed
Exam details
Summary
Questions
Further reading
Section 2: Security Responsibility and Access Management
AWS Shared Responsibility Model
Technical requirements
Shared responsibility model for infrastructure services
Shared responsibility model for container services
Shared responsibility model for abstract services
Access Management
Understanding Identity and Access Management (IAM)
Provisioning users groups and roles in IAM
Configuring Multi-Factor Authentication (MFA)
Working with Access Policies
Understanding the difference between policy types
Identifying policy structure and syntax
Configuring cross-account access
IAM policy management
Policy evaluation
Using bucket policies to control access to S3
Federated and Mobile Access
What is AWS federated access?
Using SAML federation
Using social federation
Section 3: Security - a Layered Approach
Securing EC2 Instances
Performing a vulnerability scan using Amazon Inspector
Creating and securing EC2 key pairs
Isolating instances for forensic investigation
Using Systems Manager to administer EC2 instances
Configuring Infrastructure Security
Understanding a VPC
Creating a VPC using the Wizard
Understanding the VPC components
Building a multi-subnet VPC manually
Implementing Application Security
Exploring AWS Web WAF
Managing the security configuration of your ELBs
Securing your AWS API Gateway
DDoS Protection
Understanding DDoS and its attack patterns
Protecting your environment using AWS Shield
Incident Response
Where to start when implementing effective IR
Making use of AWS features
Responding to an incident
