舉報 
會員
AWS Certified Security:Specialty Exam Guide
AWSCertifiedSecurity–Specialtyisacertificationexamtovalidateyourexpertiseinadvancedcloudsecurity.Withanever-increasingdemandforAWSsecurityskillsinthecloudmarket,thiscertificationcanhelpyouadvanceinyourcareer.Thisbookhelpsyoupreparefortheexamandgaincertificationbyguidingyouthroughbuildingcomplexsecuritysolutions.FromunderstandingtheAWSsharedresponsibilitymodelandidentityandaccessmanagementtoimplementingaccessmanagementbestpractices,you'llgraduallybuildonyourskills.ThebookwillalsodelveintosecuringinstancesandtheprinciplesofsecuringVPCinfrastructure.Coveringsecuritythreats,vulnerabilities,andattackssuchastheDDoSattack,you'lldiscoverhowtomitigatetheseatdifferentlayers.You'llthencovercomplianceandlearnhowtouseAWStoauditandgoverninfrastructure,aswellastofocusonmonitoringyourenvironmentbyimplementingloggingmechanismsandtrackingdata.Later,you'llexplorehowtoimplementdataencryptionasyougethands-onwithsecuringaliveenvironment.Finally,you'lldiscoversecuritybestpracticesthatwillassistyouinmakingcriticaldecisionsrelatingtocost,security,anddeploymentcomplexity.BytheendofthisAWSsecuritybook,you'llhavetheskillstopasstheexamanddesignsecureAWSsolutions.
目錄(184章)
倒序
- 封面
- 版權信息
- About Packt
- Why subscribe?
- Contributors
- About the author
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Get in touch
- Section 1: The Exam and Preparation
- AWS Certified Security Specialty Exam Coverage
- Aim of the certification
- Intended audience
- Domains assessed
- Exam details
- Summary
- Questions
- Further reading
- Section 2: Security Responsibility and Access Management
- AWS Shared Responsibility Model
- Technical requirements
- Shared responsibility model for infrastructure services
- Shared responsibility model for container services
- Shared responsibility model for abstract services
- Summary
- Questions
- Further reading
- Access Management
- Technical requirements
- Understanding Identity and Access Management (IAM)
- Provisioning users groups and roles in IAM
- Configuring Multi-Factor Authentication (MFA)
- Summary
- Questions
- Further reading
- Working with Access Policies
- Technical requirements
- Understanding the difference between policy types
- Identifying policy structure and syntax
- Configuring cross-account access
- IAM policy management
- Policy evaluation
- Using bucket policies to control access to S3
- Summary
- Questions
- Further reading
- Federated and Mobile Access
- Technical requirements
- What is AWS federated access?
- Using SAML federation
- Using social federation
- Summary
- Questions
- Further reading
- Section 3: Security - a Layered Approach
- Securing EC2 Instances
- Technical requirements
- Performing a vulnerability scan using Amazon Inspector
- Creating and securing EC2 key pairs
- Isolating instances for forensic investigation
- Using Systems Manager to administer EC2 instances
- Summary
- Questions
- Further reading
- Configuring Infrastructure Security
- Technical requirements
- Understanding a VPC
- Creating a VPC using the Wizard
- Understanding the VPC components
- Building a multi-subnet VPC manually
- Summary
- Questions
- Further reading
- Implementing Application Security
- Technical requirements
- Exploring AWS Web WAF
- Managing the security configuration of your ELBs
- Securing your AWS API Gateway
- Summary
- Questions
- Further reading
- DDoS Protection
- Technical requirements
- Understanding DDoS and its attack patterns
- Protecting your environment using AWS Shield
- Summary
- Questions
- Further reading
- Incident Response
- Technical requirements
- Where to start when implementing effective IR
- Making use of AWS features
- Responding to an incident
- Summary
- Questions
- Further reading
- Securing Connections to Your AWS Environment
- Technical requirements
- Understanding your connection
- Using an AWS VPN
- Using AWS Direct Connect
- Summary
- Questions
- Section 4: Monitoring Logging and Auditing
- Implementing Logging Mechanisms
- Technical requirements
- Implementing logging
- Implementing Flow Logs
- VPC Traffic Mirroring
- Using AWS CloudTrail logs
- Using the CloudWatch logging agent
- Summary
- Questions
- Further reading
- Auditing and Governance
- Technical requirements
- What is an audit?
- Understanding AWS Artifact
- Securing AWS using CloudTrail
- Understanding your AWS environment through AWS Config
- Maintaining compliance with Amazon Macie
- Summary
- Questions
- Section 5: Best Practices and Automation
- Automating Security Detection and Remediation
- Technical requirements
- Using CloudWatch events with AWS Lambda and SNS
- Using Amazon GuardDuty
- Using AWS Security Hub
- Summary
- Questions
- Discovering Security Best Practices
- Technical requirements
- Common security best practices
- Using AWS Trusted Advisor
- Penetration testing in AWS
- Summary
- Questions
- Section 6: Encryption and Data Security
- Managing Key Infrastructure
- Technical requirements
- A simple overview of encryption
- Exploring AWS Key Management Service (KMS)
- Exploring AWS CloudHSM
- AWS Secrets Manager
- Summary
- Questions
- Further reading
- Managing Data Security
- Technical requirements
- Amazon EBS encryption
- Amazon EFS
- Amazon S3
- Amazon RDS
- Amazon DynamoDB
- Summary
- Questions
- Mock Tests
- Mock exam 1
- Mock exam 2
- Assessments
- Chapter 1
- Chapter 2
- Chapter 3
- Chapter 4
- Chapter 5
- Chapter 6
- Chapter 7
- Chapter 8
- Chapter 9
- Chapter 10
- Chapter 11
- Chapter 12
- Chapter 13
- Chapter 14
- Chapter 15
- Chapter 16
- Chapter 17
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-06-11 18:13:51
推薦閱讀
- 暗戰(zhàn)亮劍:黑客滲透與防御全程實錄
- 工業(yè)物聯(lián)網(wǎng)安全
- 計算機網(wǎng)絡安全基礎(第5版)
- 局域網(wǎng)交換機安全
- 學電腦安全與病毒防范
- 解密數(shù)據(jù)恢復
- 情報驅(qū)動應急響應
- 互聯(lián)網(wǎng)企業(yè)安全高級指南
- 編譯與反編譯技術實戰(zhàn)
- 信息技術基礎:提高篇·實驗與習題
- 網(wǎng)絡安全實戰(zhàn)詳解(企業(yè)專供版)
- 交換機·路由器·防火墻(第2版)
- 黑客攻防從入門到精通:命令版
- 信息系統(tǒng)安全等級化保護原理與實踐
- 網(wǎng)絡安全監(jiān)控實戰(zhàn):深入理解事件檢測與響應
- 2010年中國互聯(lián)網(wǎng)網(wǎng)絡安全報告
- 企業(yè)安全建設入門:基于開源軟件打造企業(yè)網(wǎng)絡安全
- 惡意軟件、Rootkit和僵尸網(wǎng)絡
- Web前端黑客技術揭秘
- 大中型網(wǎng)絡入侵要案直擊與防御
- 黑客與安全技術指南
- 網(wǎng)絡安全與維護
- 物聯(lián)網(wǎng)安全
- 美國網(wǎng)絡安全戰(zhàn)略與政策二十年
- 黑客攻防從入門到精通(實戰(zhàn)版)
- 巧學活用網(wǎng)絡安全與維護
- 走近安全:網(wǎng)絡世界的攻與防
- 網(wǎng)絡安全態(tài)勢感知:提取、理解和預測
- 維護網(wǎng)絡空間安全:中國網(wǎng)絡安全法解讀
- 黑客
