Section 1 : Introduction
|
Lecture 1 | INTRODUCTION TO BRAINMEASURES PROCTOR SYSTEM | |
|
Lecture 2 | Security Specialty Exam Overview | |
|
Lecture 3 | Increase the speed of learning |
Section 2 : Housekeeping
|
Lecture 1 | Account Reuse Instructions | |
|
Lecture 2 | Downloadable Resources | |
|
Lecture 3 | AWS Account Setup, Free Tier Offers, Billing, Support | 00:06:58 Duration |
|
Lecture 4 | Billing Alerts, Delegate Access | |
|
Lecture 5 | IAM Admin User and Command Line Tool Setup | 00:08:14 Duration |
|
Lecture 6 | EC2 KeyPair and tools to login | 00:04:59 Duration |
|
Lecture 7 | Heads-up - You can also log in to a machine using Systems Manager |
Section 3 : Architecture of a cloud based solution
|
Lecture 1 | Refresher Topic Tips | |
|
Lecture 2 | Purpose of this section | |
|
Lecture 3 | Order Processing System - A Server-Based Design | 00:09:36 Duration |
|
Lecture 4 | Decouple layers using Queues and Notification Service | 00:06:21 Duration |
|
Lecture 5 | Order Processing System - Serverless Design | 00:08:53 Duration |
Section 4 : VPC Refresher
Section 5 : EC2 and Storage Refresher
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | EC2 Important Concepts Review | |
|
Lecture 3 | Bastion Host and Credential Forwarding | |
|
Lecture 4 | Amazon Linux 2 AMI | |
|
Lecture 5 | Lab - EC2 Instance with IAM Roles to Access S3 | 00:06:34 Duration |
|
Lecture 6 | Introduction to Storage | 00:08:39 Duration |
|
Lecture 7 | Elastic Block Store (EBS) | 00:13:09 Duration |
|
Lecture 8 | Elastic File System, FSx for Windows, FSx for Lustre | 00:04:53 Duration |
Section 6 : Monitoring - CloudWatch Metrics and Logs Refresher
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Introduction to CloudWatch | 00:02:38 Duration |
|
Lecture 3 | CloudWatch Metrics and Alarms | 00:04:18 Duration |
|
Lecture 4 | CloudWatch Log Group, Log Stream, Metric Filter and Alarms | 00:03:29 Duration |
|
Lecture 5 | Lab - Stop Idle Instance using CloudWatch Alarms | 00:09:29 Duration |
|
Lecture 6 | Heads up in-depth CloudWatch Log labs |
Section 7 : Elastic Load Balancing and Auto Scaling Refresher
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Introduction to Elastic Load Balancer | 00:08:49 Duration |
|
Lecture 3 | Types of Load Balancers, Private Link | 00:08:31 Duration |
|
Lecture 4 | Lambda function as a target | |
|
Lecture 5 | NEW - Gateway Load Balancer | |
|
Lecture 6 | Amazon Linux 2 AMI | |
|
Lecture 7 | Lab - Launch WebServer Instances with User Data | 00:06:54 Duration |
|
Lecture 8 | Lab - Application Load Balancer | 00:03:54 Duration |
|
Lecture 9 | Lab - Cleanup | |
|
Lecture 10 | Finer Points - Security Group and NACL with Load Balancers | |
|
Lecture 11 | Introduction to Auto Scaling | 00:05:46 Duration |
|
Lecture 12 | Amazon Linux 2 AMI | |
|
Lecture 13 | Lab - Maintain Fleet with Auto Scaling | 00:08:03 Duration |
|
Lecture 14 | Lab - Simulate Server Error and Application Error | 00:03:13 Duration |
|
Lecture 15 | Cleanup |
Section 8 : S3 Refresher
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | S3 Storage Classes | 00:07:34 Duration |
|
Lecture 3 | Consistency Model | |
|
Lecture 4 | Versioning | 00:04:12 Duration |
|
Lecture 5 | Lifecycle Management | |
|
Lecture 6 | Access Control | 00:04:03 Duration |
|
Lecture 7 | Replication (CRR, SRR) | 00:02:51 Duration |
|
Lecture 8 | Performance and Storage Gateway | 00:08:50 Duration |
|
Lecture 9 | Encryption (SSE-S3, SSE-KMS, SSE-C, Client Side) | 00:06:36 Duration |
|
Lecture 10 | SFTP, CORS, Pre-signed URL, Macie, Object Lock | 00:08:26 Duration |
|
Lecture 11 | Lab - S3 Storage Classes | 00:05:35 Duration |
|
Lecture 12 | Lab - S3 Versioning | 00:04:05 Duration |
|
Lecture 13 | Lab - S3 Age Based Retention | 00:03:51 Duration |
|
Lecture 14 | Lab - S3 Tiered Storage | 00:03:12 Duration |
|
Lecture 15 | Lab - S3 Replication | 00:05:45 Duration |
|
Lecture 16 | Lab - S3 Encryption AWS Managed Key and Customer Master Key | 00:06:19 Duration |
Section 9 : Route 53 Refresher
|
Lecture 1 | Introduction to Route 53 and How DNS Server Works | 00:03:10 Duration |
|
Lecture 2 | Demo - DNS Lookup | 00:02:52 Duration |
|
Lecture 3 | Route 53 Core Capabilities, Availability, Latency | 00:02:31 Duration |
|
Lecture 4 | Routing Policy - Types of Traffic Routing | 00:01:52 Duration |
|
Lecture 5 | DNS Terminologies | 00:02:33 Duration |
|
Lecture 6 | Route 53 Important Concepts Review | |
|
Lecture 7 | Heads up Route 53 labs with custom domains in SSLTLS section |
Section 10 : CloudFront Refresher
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Why CloudFront | 00:06:18 Duration |
|
Lecture 3 | CloudFront Security, Lambda@Edge | 00:08:29 Duration |
|
Lecture 4 | Downloadable Lab Resources | |
|
Lecture 5 | Lab - CloudFront Distribution with S3 Origin | 00:08:43 Duration |
|
Lecture 6 | Lab - Cache Configuration and Invalidation | 00:04:49 Duration |
|
Lecture 7 | Lab - Origin Access Identity (OAI) | 00:03:37 Duration |
|
Lecture 8 | CloudFront with S3 Origin | |
|
Lecture 9 | Heads-up Custom Domain and WAF protection |
Section 11 : Global Accelerator Refresher
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Introduction to Global Accelerator | 00:03:53 Duration |
|
Lecture 3 | Global Accelerator - How it works | 00:05:47 Duration |
|
Lecture 4 | Amazon Linux 2 AMI | |
|
Lecture 5 | Lab - Global Accelerator | 00:05:50 Duration |
Section 12 : Identity and Access Management
Section 13 : Logs and Events - Visibility into activities in AWS
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Introduction to Logs and Events | 00:08:36 Duration |
|
Lecture 3 | CloudTrail - Capture all AWS API activity | 00:11:03 Duration |
|
Lecture 4 | Lab - CloudTrail Event History | 00:08:47 Duration |
|
Lecture 5 | Lab - Consolidate account activity to S3, CloudWatch Log and Log Integrity Check | 00:10:28 Duration |
|
Lecture 6 | Lab - Log Insights to Query CloudTrail Activity | 00:07:54 Duration |
|
Lecture 7 | Lab - Athena SQL to Query CloudTrail Activity | 00:07:48 Duration |
|
Lecture 8 | Lab - CloudWatch Events Real-time Monitoring of EC2 State | 00:06:22 Duration |
|
Lecture 9 | Lab - Real-time Monitoring of Root Usage using CloudWatch Events | 00:03:22 Duration |
|
Lecture 10 | Lab - CloudWatch Log Metric Filter based Monitoring of Root Usage | 00:06:44 Duration |
|
Lecture 11 | AWS Sample Question #9 | |
|
Lecture 12 | Answer to question #9 |
Section 14 : Visibility into Network Activity in your VPC
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Lab - VPC Flow Logs Capture, Format and Querying | 00:11:39 Duration |
|
Lecture 3 | Lab - Troubleshoot Security Group and Network ACL firewall Connectivity Issues | 00:07:15 Duration |
|
Lecture 4 | Packet Capture - VPC Traffic Mirroring and External AMI |
Section 15 : AWS Organizations - Multi-Account Management
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Lab - Create Organization, Member Accounts, Service Control Policies and Trail | 00:09:17 Duration |
|
Lecture 3 | Lab - Organizational Units and test effect of Service Control Policies (SCP) | 00:06:34 Duration |
|
Lecture 4 | Lab - Single Sign-on (SSO), Cross-Account Access and Permission Sets | 00:09:18 Duration |
|
Lecture 5 | Resource Sharing Across Account - Resource Access Manager and Transit Gateway | 00:03:47 Duration |
|
Lecture 6 | How to setup Bastion Host and Credential Forwarding | |
|
Lecture 7 | Lab - Resource Access Manager - Share VPC and NAT Gateway with member accounts | 00:08:22 Duration |
|
Lecture 8 | Lab - Transit Gateway to Interconnect VPCs | 00:06:55 Duration |
|
Lecture 9 | Transit Gateway - VPC attachment | |
|
Lecture 10 | Lab - Transit Gateway - Route Outbound traffic through common NAT Gateway | 00:10:10 Duration |
Section 16 : Protect and Manage Resources
Section 17 : Key Management System (KMS) - Encryption key management
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Symmetric & Asymmetric Encryption, Digital Signing and Common Challenges | 00:07:01 Duration |
|
Lecture 3 | Envelope Encryption Concepts and S3 Server Side Encryption | 00:05:03 Duration |
|
Lecture 4 | EBS Volume Encryption, RDS and DynamoDB Encryption | 00:07:18 Duration |
|
Lecture 5 | RDS Database encryption options | |
|
Lecture 6 | Lab (repeat) - S3 AWS Managed Key and Customer Managed Key Encryption | 00:06:19 Duration |
|
Lecture 7 | Lab - EBS Encryption | 00:07:20 Duration |
|
Lecture 8 | Lab - KMS Features (Symmetric, Asymmetric, Key Material Origin, Resource Policy) | 00:07:44 Duration |
|
Lecture 9 | Lab - KMS Automatic and Manual Key Rotation | 00:04:54 Duration |
|
Lecture 10 | KMS APIs | 00:04:57 Duration |
|
Lecture 11 | AWS Sample Question #8 | |
|
Lecture 12 | Answer to question #8 |
Section 18 : SSLTLS Encryption
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | Lab - Enabling SSL at Elastic Load Balancer | 00:11:18 Duration |
|
Lecture 3 | End to End Encryption from client up to EC2 instance or Target (end-end) | |
|
Lecture 4 | Lab - CloudFront Custom Domain and SSL | 00:06:26 Duration |
|
Lecture 5 | S3, SSL and Custom Domain |
Section 19 : Security Incident Response
|
Lecture 1 | Downloadable Resources | |
|
Lecture 2 | AWS Acceptable Use Policy - Your Responsibilities in preventing an incident | 00:08:06 Duration |
|
Lecture 3 | Security Incident Response Concepts | 00:10:06 Duration |
|
Lecture 4 | Three Simple Tips for securing your EC2 instances | |
|
Lecture 5 | Security Testing Policies in AWS | 00:06:19 Duration |
|
Lecture 6 | NEW AWS Penetration Testing Policy Changes | |
|
Lecture 7 | AWS Sample Question #10 | |
|
Lecture 8 | Answer to question #10 |
Section 20 : Summary of Security Products and Capabilities
|
Lecture 1 | AWS Security Products Summary |