AWS Certified Security Specialty

Sale!

AWS Certified Security Specialty

£895.00

What’s Included

  • Self-paced video lessons covering all exam domains with practical demonstrations

  • Interactive hands-on labs to practice real AWS security configurations and workflows

  • Lesson quizzes to test your understanding as you progress

  • Practice exams to simulate the real certification test environment

  • Knowledge checks and review materials for reinforcement

  • On-demand access to all course content and labs for flexible study

SKU: aws-security-specialty Categories: , Tags: , ,

Description

The AWS Certified Security – Specialty course is designed to help experienced AWS professionals build and validate advanced skills in securing AWS environments. This course focuses on protecting data, applications, and infrastructure using AWS security services and best practices.

You’ll learn how to implement strong identity and access management, detect and respond to security incidents, secure networks and workloads, and maintain compliance across AWS environments. The course is fully aligned with the latest exam blueprint and combines theory, real-world scenarios, and exam-focused preparation.

Who is it for

This course is ideal for:

  • AWS professionals responsible for cloud security

  • Security engineers and architects working with AWS

  • DevOps and cloud engineers with security responsibilities

  • IT professionals preparing for the AWS Security – Specialty certification

It is best suited for learners with hands-on AWS experience and a strong understanding of core AWS services.

Eligibility & Learning Outcomes

Recommended Experience

  • 2+ years of hands-on experience securing AWS workloads

  • Strong knowledge of AWS services, networking, and IAM

  • Familiarity with security concepts such as encryption, monitoring, and incident response

Learning Outcomes

By the end of this course, you will be able to:

  • Design and implement secure AWS architectures

  • Manage identity, access, and permissions using AWS IAM

  • Protect data at rest and in transit using encryption services

  • Detect threats and respond to incidents using AWS security tools

  • Secure networks, workloads, and applications in AWS

  • Apply governance, risk, and compliance controls effectively

Course Syllabus

Lesson 1: Threat Detection and incident Response (1 hour and 24 minutes)

  • Design and Implement an Incident Response Plan (48 minutes)
    • Incident Response in AWS
    • Preparation in Incident Response
    • Deployment of Security Services in AWS
    • Centralizing Security Management in AWS
  • Detect and Respond to Security Incidents (1 hour and 36 minutes)
    • Operations – Detection and Analysis
    • Categorizing Security Alerts
    • Alerting Types
    • Containment, Eradication, and Recovery
    • Containment Strategies
    • Eradication Strategies
    • Recovery Strategies
    • Post-Incident Activities
  • Lab
  • Knowledge Check

Lesson 2: Security Logging and Monitoring (1 hour and 36 minutes)

  • Security Monitoring and Troubleshooting (36 minutes)
    • Implementing Monitoring and Alerting with AWS CloudWatch Alarms
    • Implementing EventBridge Rules for Event-Driven Pipelines in AWS
    • Automating Security Alerts in AWS
  • Security Logging and Log Analysis (1 hour)
    • Understanding Security Logging in AWS
    • Building an Effective Security Event and Log-Driven Pipeline in AWS
    • Configuring Permissions for Security Log Delivery in AWS
    • Troubleshooting CloudTrail Log Delivery in Multi-Account AWS Environments
    • Analyzing Security Logs in AWS
  • Lab
  • Knowledge Check

Lesson 3: Infrastructure Security (1 hour and 24 minutes)

  • Design and Implement Edge and Network Security (48 minutes)
    • Network Security at the Edge in AWS
    • VPC Security in AWS
    • Encrypting Data in Transit in AWS
    • Protecting Network Traffic in AWS with AWS Network Firewall
  • Compute Security and Security Troubleshooting (36 minutes)
    • Managing Vulnerabilities on an EC2-Based Platform in AWS
    • Securing Secrets and Credentials for Compute Resources in AWS
    • Troubleshooting Connectivity in AWS: Methodologies and Tools
  • Knowledge Check

Lesson 4: Identity and Access Management (3 hours and 48 minutes)

  • Design, Implement and Troubleshoot Authentication (1 hour and 36 minutes)
    • Implementing Authentication in AWS: Identity Management Principles
    • AWS Identity Management Principle: Using Temporary Credentials
    • Federating External Identities with Amazon Cognito
    • Machine Identities
    • Store and Use Secrets Securely
    • Rely on a Centralized Identity Provider
    • Audit and Rotate Credentials Periodically
    • Leverage user Groups and Attributes
  • Design, Implement, and Troubleshoot Authorization (2 hour and 12 minutes)
    • AWS Policies
    • AWS Well-Architected Framework: Security Pillar and Permissions Management
    • The Principle of Least Privilege in AWS Permissions Management
    • How AWS Determines Access An In-Depth Look
    • Establishing Emergency Access Processes in AWS
    • Continuously Reducing Permissions
    • Defining Permission Guardrails for Your Organization
    • Managing Access Based on Lifecycle
    • Analyzing Public and Cross-Account Access
    • Sharing Resources Securely Within Your Organization
    • Sharing Resources Securely with a Third Party
  • Labs
  • Knowledge Check

Lesson 5: Data Protection (3 hours and 48 minutes)

  • In-transit Data Protection (1 hour and 12 minutes)
    • The Three Goals of Data Encryption
    • Implementing Network Encryption in AWS
    • Cross-region Protection
    • AWS Certificate Manager (ACM)
    • AWS Private CA Service
    • Enforcing Data Encryption in Transit on AWS
  • At-rest Data Protection (1 hour and 36 minutes)
    • Protecting Data at Rest in AWS
    • Protecting Data at Rest Using Encryption in AWS
    • Symmetric Data Encryption in AWS
    • AWS KMS
    • Understanding KMS Key Types
    • Managing Permissions for AWS KMS
    • Encrypting Data at Rest in WS: S3 Encryption and Cloud HSM
    • Protecting Data at Rest in AWS: Beyond Encryption
  • Data Lifecycle, Credential, and Secret Management (1 hour)
    • Data Retention Strategies
    • AWS Backup
    • Asymmetric Key Encryption
    • Managing and Rotating Credentials and Secrets in AWS
    • Secrets Manager vs SSM Parameter Store
  • Labs
  • Knowledge Check

Lesson 6: Management and Security Governance (2 hours and 12 minutes)

  • AWS Resource Governance (1 hour and 12 minutes)
    • AWS Organizations
    • AWS Control Tower
    • AWS Control Tower Account Factory
    • AWS Resource Groups
    • AWS Organizations’ Tag Policies
    • AWS Firewall Manager
  • AWS Security Compliance (1 hour)
    • Amazon Macie
    • AWS Config, CloudWatch Logs, and Security Hub
    • AWS Audit Manager
    • AWS Well-Architected Framework
    • Cost Analysis and Anomalies
  • Knowledge Check

Exam Format

Exam Details

  • Certification Level: Specialty

  • Duration: 170 minutes

  • Format: Multiple-choice and multiple-response questions

  • Total Questions: 65

  • Delivery: Online proctored

  • Languages: English & other major languages (varies by region)

Focus Areas
The exam tests your ability to secure AWS workloads, design and implement protection mechanisms, manage security monitoring, respond to incidents, and ensure compliance in AWS environments.

Related products