舉報 
會員
AWS Certified Security:Specialty Exam Guide
AWSCertifiedSecurity–Specialtyisacertificationexamtovalidateyourexpertiseinadvancedcloudsecurity.Withanever-increasingdemandforAWSsecurityskillsinthecloudmarket,thiscertificationcanhelpyouadvanceinyourcareer.Thisbookhelpsyoupreparefortheexamandgaincertificationbyguidingyouthroughbuildingcomplexsecuritysolutions.FromunderstandingtheAWSsharedresponsibilitymodelandidentityandaccessmanagementtoimplementingaccessmanagementbestpractices,you'llgraduallybuildonyourskills.ThebookwillalsodelveintosecuringinstancesandtheprinciplesofsecuringVPCinfrastructure.Coveringsecuritythreats,vulnerabilities,andattackssuchastheDDoSattack,you'lldiscoverhowtomitigatetheseatdifferentlayers.You'llthencovercomplianceandlearnhowtouseAWStoauditandgoverninfrastructure,aswellastofocusonmonitoringyourenvironmentbyimplementingloggingmechanismsandtrackingdata.Later,you'llexplorehowtoimplementdataencryptionasyougethands-onwithsecuringaliveenvironment.Finally,you'lldiscoversecuritybestpracticesthatwillassistyouinmakingcriticaldecisionsrelatingtocost,security,anddeploymentcomplexity.BytheendofthisAWSsecuritybook,you'llhavetheskillstopasstheexamanddesignsecureAWSsolutions.
目錄(184章)
倒序
- 封面
- 版權信息
- About Packt
- Why subscribe?
- Contributors
- About the author
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Get in touch
- Section 1: The Exam and Preparation
- AWS Certified Security Specialty Exam Coverage
- Aim of the certification
- Intended audience
- Domains assessed
- Exam details
- Summary
- Questions
- Further reading
- Section 2: Security Responsibility and Access Management
- AWS Shared Responsibility Model
- Technical requirements
- Shared responsibility model for infrastructure services
- Shared responsibility model for container services
- Shared responsibility model for abstract services
- Summary
- Questions
- Further reading
- Access Management
- Technical requirements
- Understanding Identity and Access Management (IAM)
- Provisioning users groups and roles in IAM
- Configuring Multi-Factor Authentication (MFA)
- Summary
- Questions
- Further reading
- Working with Access Policies
- Technical requirements
- Understanding the difference between policy types
- Identifying policy structure and syntax
- Configuring cross-account access
- IAM policy management
- Policy evaluation
- Using bucket policies to control access to S3
- Summary
- Questions
- Further reading
- Federated and Mobile Access
- Technical requirements
- What is AWS federated access?
- Using SAML federation
- Using social federation
- Summary
- Questions
- Further reading
- Section 3: Security - a Layered Approach
- Securing EC2 Instances
- Technical requirements
- Performing a vulnerability scan using Amazon Inspector
- Creating and securing EC2 key pairs
- Isolating instances for forensic investigation
- Using Systems Manager to administer EC2 instances
- Summary
- Questions
- Further reading
- Configuring Infrastructure Security
- Technical requirements
- Understanding a VPC
- Creating a VPC using the Wizard
- Understanding the VPC components
- Building a multi-subnet VPC manually
- Summary
- Questions
- Further reading
- Implementing Application Security
- Technical requirements
- Exploring AWS Web WAF
- Managing the security configuration of your ELBs
- Securing your AWS API Gateway
- Summary
- Questions
- Further reading
- DDoS Protection
- Technical requirements
- Understanding DDoS and its attack patterns
- Protecting your environment using AWS Shield
- Summary
- Questions
- Further reading
- Incident Response
- Technical requirements
- Where to start when implementing effective IR
- Making use of AWS features
- Responding to an incident
- Summary
- Questions
- Further reading
- Securing Connections to Your AWS Environment
- Technical requirements
- Understanding your connection
- Using an AWS VPN
- Using AWS Direct Connect
- Summary
- Questions
- Section 4: Monitoring Logging and Auditing
- Implementing Logging Mechanisms
- Technical requirements
- Implementing logging
- Implementing Flow Logs
- VPC Traffic Mirroring
- Using AWS CloudTrail logs
- Using the CloudWatch logging agent
- Summary
- Questions
- Further reading
- Auditing and Governance
- Technical requirements
- What is an audit?
- Understanding AWS Artifact
- Securing AWS using CloudTrail
- Understanding your AWS environment through AWS Config
- Maintaining compliance with Amazon Macie
- Summary
- Questions
- Section 5: Best Practices and Automation
- Automating Security Detection and Remediation
- Technical requirements
- Using CloudWatch events with AWS Lambda and SNS
- Using Amazon GuardDuty
- Using AWS Security Hub
- Summary
- Questions
- Discovering Security Best Practices
- Technical requirements
- Common security best practices
- Using AWS Trusted Advisor
- Penetration testing in AWS
- Summary
- Questions
- Section 6: Encryption and Data Security
- Managing Key Infrastructure
- Technical requirements
- A simple overview of encryption
- Exploring AWS Key Management Service (KMS)
- Exploring AWS CloudHSM
- AWS Secrets Manager
- Summary
- Questions
- Further reading
- Managing Data Security
- Technical requirements
- Amazon EBS encryption
- Amazon EFS
- Amazon S3
- Amazon RDS
- Amazon DynamoDB
- Summary
- Questions
- Mock Tests
- Mock exam 1
- Mock exam 2
- Assessments
- Chapter 1
- Chapter 2
- Chapter 3
- Chapter 4
- Chapter 5
- Chapter 6
- Chapter 7
- Chapter 8
- Chapter 9
- Chapter 10
- Chapter 11
- Chapter 12
- Chapter 13
- Chapter 14
- Chapter 15
- Chapter 16
- Chapter 17
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-06-11 18:13:51
推薦閱讀
- 網絡安全與管理
- Node Security
- Kali Linux Social Engineering
- Practical Network Scanning
- 電子支付的規制結構配置研究
- 學電腦安全與病毒防范
- 網絡安全與攻防入門很輕松(實戰超值版)
- Instant Java Password and Authentication Security
- 編譯與反編譯技術實戰
- 電腦安全與攻防入門很輕松(實戰超值版)
- 數字銀行安全體系構建
- Practical Internet of Things Security
- 網絡入侵檢測系統原理與應用
- BeagleBone for Secret Agents
- INSTANT Microsoft Forefront UAG Mobile Configuration Starter
- ATT&CK視角下的紅藍對抗實戰指南
- 計算機網絡安全與應用技術(第2版)
- 中國網絡空間安全前沿科技發展報告(2018)
- Hands-On Spring Security 5 for Reactive Applications
- Linux安全實戰
- 中國網絡安全等級保護制度理解與實施(英文版)
- Mastering Identity and Access Management with Microsoft Azure
- Mastering Blockchain
- 計算機網絡安全與防護
- Mobile Security:How to Secure,Privatize,and Recover Your Devices
- 密碼技術與物聯網安全:mbedtls開發實戰
- 金融網絡安全
- SELinux System Administration
- VMware vSphere Security Cookbook
- 零信任安全:技術詳解與應用實踐
