Section 1 : Introduction

Lecture 1 INTRODUCTION TO BRAINMEASURES PROCTOR SYSTEM
Lecture 2 Security Specialty Exam Overview
Lecture 3 Increase the speed of learning

Section 2 : Housekeeping

Lecture 1 Account Reuse Instructions
Lecture 2 Downloadable Resources
Lecture 3 AWS Account Setup, Free Tier Offers, Billing, Support 00:06:58 Duration
Lecture 4 Billing Alerts, Delegate Access
Lecture 5 IAM Admin User and Command Line Tool Setup 00:08:14 Duration
Lecture 6 EC2 KeyPair and tools to login 00:04:59 Duration
Lecture 7 Heads-up - You can also log in to a machine using Systems Manager

Section 3 : Architecture of a cloud based solution

Lecture 1 Refresher Topic Tips
Lecture 2 Purpose of this section
Lecture 3 Order Processing System - A Server-Based Design 00:09:36 Duration
Lecture 4 Decouple layers using Queues and Notification Service 00:06:21 Duration
Lecture 5 Order Processing System - Serverless Design 00:08:53 Duration

Section 4 : VPC Refresher

Lecture 1 Downloadable Resources
Lecture 2 Network Addressing Primer - CIDR, Public, Private IP Address Blocks 00:12:13 Duration
Lecture 3 VPC Introduction, App Deployment, Router, Internet Gateway
Lecture 4 Firewall - Security Group 00:04:33 Duration
Lecture 5 Firewall - Network ACL (NACL) 00:06:08 Duration
Lecture 6 IP Types - Private, Public, Elastic 00:03:54 Duration
Lecture 7 AWS Service Integration - Internet, NAT, Gateway and Interface Endpoints 00:08:39 Duration
Lecture 8 Peering Connection, Transit Gateway 00:04:28 Duration
Lecture 9 External Clients, Public Endpoints, Private Link 00:03:04 Duration
Lecture 10 Bastion Host, Session Manager (Systems Manager) 00:04:26 Duration
Lecture 11 VPC Traffic Flow Walk-through
Lecture 12 Default VPC, Flow Log, Resource Access Manager, and NAT sourcedestination check
Lecture 13 Hybrid Infrastructure - Site-Site VPN, Cloud Hub, Client VPN 00:06:16 Duration
Lecture 14 Hybrid Infrastructure - Direct Connect 00:03:08 Duration
Lecture 15 Heads-up RAM and Transit Gateway coming up in Organization Section
Lecture 16 Lab - New Public VPC 00:04:21 Duration
Lecture 17 Amazon Linux 2 AMI
Lecture 18 Lab - Launch EC2 instance in public subnet and login using Putty 00:06:03 Duration
Lecture 19 Lab - Security Group and NACL Firewall 00:06:39 Duration
Lecture 20 Lab - Ping EC2 Instances 00:03:49 Duration
Lecture 21 Lab - VPC Peering (Same Region) 00:04:05 Duration
Lecture 22 Lab - VPC Peering (Cross Region) 00:11:49 Duration
Lecture 23 AWS Sample Exam Question #3
Lecture 24 Answer to Question #3
Lecture 25 AWS Sample Exam Question #6
Lecture 26 Answer to question #6

Section 5 : EC2 and Storage Refresher

Lecture 1 Downloadable Resources
Lecture 2 EC2 Important Concepts Review
Lecture 3 Bastion Host and Credential Forwarding
Lecture 4 Amazon Linux 2 AMI
Lecture 5 Lab - EC2 Instance with IAM Roles to Access S3 00:06:34 Duration
Lecture 6 Introduction to Storage 00:08:39 Duration
Lecture 7 Elastic Block Store (EBS) 00:13:09 Duration
Lecture 8 Elastic File System, FSx for Windows, FSx for Lustre 00:04:53 Duration

Section 6 : Monitoring - CloudWatch Metrics and Logs Refresher

Lecture 1 Downloadable Resources
Lecture 2 Introduction to CloudWatch 00:02:38 Duration
Lecture 3 CloudWatch Metrics and Alarms 00:04:18 Duration
Lecture 4 CloudWatch Log Group, Log Stream, Metric Filter and Alarms 00:03:29 Duration
Lecture 5 Lab - Stop Idle Instance using CloudWatch Alarms 00:09:29 Duration
Lecture 6 Heads up in-depth CloudWatch Log labs

Section 7 : Elastic Load Balancing and Auto Scaling Refresher

Lecture 1 Downloadable Resources
Lecture 2 Introduction to Elastic Load Balancer 00:08:49 Duration
Lecture 3 Types of Load Balancers, Private Link 00:08:31 Duration
Lecture 4 Lambda function as a target
Lecture 5 NEW - Gateway Load Balancer
Lecture 6 Amazon Linux 2 AMI
Lecture 7 Lab - Launch WebServer Instances with User Data 00:06:54 Duration
Lecture 8 Lab - Application Load Balancer 00:03:54 Duration
Lecture 9 Lab - Cleanup
Lecture 10 Finer Points - Security Group and NACL with Load Balancers
Lecture 11 Introduction to Auto Scaling 00:05:46 Duration
Lecture 12 Amazon Linux 2 AMI
Lecture 13 Lab - Maintain Fleet with Auto Scaling 00:08:03 Duration
Lecture 14 Lab - Simulate Server Error and Application Error 00:03:13 Duration
Lecture 15 Cleanup

Section 8 : S3 Refresher

Lecture 1 Downloadable Resources
Lecture 2 S3 Storage Classes 00:07:34 Duration
Lecture 3 Consistency Model
Lecture 4 Versioning 00:04:12 Duration
Lecture 5 Lifecycle Management
Lecture 6 Access Control 00:04:03 Duration
Lecture 7 Replication (CRR, SRR) 00:02:51 Duration
Lecture 8 Performance and Storage Gateway 00:08:50 Duration
Lecture 9 Encryption (SSE-S3, SSE-KMS, SSE-C, Client Side) 00:06:36 Duration
Lecture 10 SFTP, CORS, Pre-signed URL, Macie, Object Lock 00:08:26 Duration
Lecture 11 Lab - S3 Storage Classes 00:05:35 Duration
Lecture 12 Lab - S3 Versioning 00:04:05 Duration
Lecture 13 Lab - S3 Age Based Retention 00:03:51 Duration
Lecture 14 Lab - S3 Tiered Storage 00:03:12 Duration
Lecture 15 Lab - S3 Replication 00:05:45 Duration
Lecture 16 Lab - S3 Encryption AWS Managed Key and Customer Master Key 00:06:19 Duration

Section 9 : Route 53 Refresher

Lecture 1 Introduction to Route 53 and How DNS Server Works 00:03:10 Duration
Lecture 2 Demo - DNS Lookup 00:02:52 Duration
Lecture 3 Route 53 Core Capabilities, Availability, Latency 00:02:31 Duration
Lecture 4 Routing Policy - Types of Traffic Routing 00:01:52 Duration
Lecture 5 DNS Terminologies 00:02:33 Duration
Lecture 6 Route 53 Important Concepts Review
Lecture 7 Heads up Route 53 labs with custom domains in SSLTLS section

Section 10 : CloudFront Refresher

Lecture 1 Downloadable Resources
Lecture 2 Why CloudFront 00:06:18 Duration
Lecture 3 CloudFront Security, Lambda@Edge 00:08:29 Duration
Lecture 4 Downloadable Lab Resources
Lecture 5 Lab - CloudFront Distribution with S3 Origin 00:08:43 Duration
Lecture 6 Lab - Cache Configuration and Invalidation 00:04:49 Duration
Lecture 7 Lab - Origin Access Identity (OAI) 00:03:37 Duration
Lecture 8 CloudFront with S3 Origin
Lecture 9 Heads-up Custom Domain and WAF protection

Section 11 : Global Accelerator Refresher

Lecture 1 Downloadable Resources
Lecture 2 Introduction to Global Accelerator 00:03:53 Duration
Lecture 3 Global Accelerator - How it works 00:05:47 Duration
Lecture 4 Amazon Linux 2 AMI
Lecture 5 Lab - Global Accelerator 00:05:50 Duration

Section 12 : Identity and Access Management

Lecture 1 Downloadable Resources
Lecture 2 Shared Responsibility Model, Security and Access Management 00:08:24 Duration
Lecture 3 User Credentials, Permission Management 00:07:25 Duration
Lecture 4 Policy Types, Amazon Resource Naming (ARN) Convention 00:08:31 Duration
Lecture 5 Elements and Structure of a Policy Document 00:06:55 Duration
Lecture 6 Policy Best Practices with Examples, Attribute Based Access Control (ABAC) 00:07:42 Duration
Lecture 7 IAM Roles, Application Access, Cross-account Access 00:06:17 Duration
Lecture 8 IAM Role and External ID
Lecture 9 Identity Federation - Corporate Identity, Social Identity 00:06:17 Duration
Lecture 10 Active Directory Integration Options and Trust Management 00:06:20 Duration
Lecture 11 STS - Temporary Security Credentials
Lecture 12 Lab - Identity-based Policy - Part 1 00:05:01 Duration
Lecture 13 Lab - Identity-based Policy - Part 2 00:05:40 Duration
Lecture 14 Lab - Boundary Permissions Explained 00:03:53 Duration
Lecture 15 Lab - Resource-based Policy 00:05:15 Duration
Lecture 16 Lab - Restrict Access By IP 00:07:00 Duration
Lecture 17 Lab - Restrict Access By VPC Endpoint 00:05:22 Duration
Lecture 18 Lab - Cross Account Access with Resource Based Policy 00:03:52 Duration
Lecture 19 Lab - Cross Account Access with IAM Roles - Part 1 00:06:51 Duration
Lecture 20 Lab - Cross Account Access with IAM Roles - Part 2 00:06:02 Duration
Lecture 21 Revoking access to Temporary Credentials
Lecture 22 AWS Sample Exam Question #1
Lecture 23 Answer to Question #1
Lecture 24 AWS Sample Exam Question #4
Lecture 25 Answer to Question #4
Lecture 26 AWS Sample Exam Question #5
Lecture 27 Answer to Question #5
Lecture 28 AWS Sample Exam Question #7
Lecture 29 Answer to question #7

Section 13 : Logs and Events - Visibility into activities in AWS

Lecture 1 Downloadable Resources
Lecture 2 Introduction to Logs and Events 00:08:36 Duration
Lecture 3 CloudTrail - Capture all AWS API activity 00:11:03 Duration
Lecture 4 Lab - CloudTrail Event History 00:08:47 Duration
Lecture 5 Lab - Consolidate account activity to S3, CloudWatch Log and Log Integrity Check 00:10:28 Duration
Lecture 6 Lab - Log Insights to Query CloudTrail Activity 00:07:54 Duration
Lecture 7 Lab - Athena SQL to Query CloudTrail Activity 00:07:48 Duration
Lecture 8 Lab - CloudWatch Events Real-time Monitoring of EC2 State 00:06:22 Duration
Lecture 9 Lab - Real-time Monitoring of Root Usage using CloudWatch Events 00:03:22 Duration
Lecture 10 Lab - CloudWatch Log Metric Filter based Monitoring of Root Usage 00:06:44 Duration
Lecture 11 AWS Sample Question #9
Lecture 12 Answer to question #9

Section 14 : Visibility into Network Activity in your VPC

Lecture 1 Downloadable Resources
Lecture 2 Lab - VPC Flow Logs Capture, Format and Querying 00:11:39 Duration
Lecture 3 Lab - Troubleshoot Security Group and Network ACL firewall Connectivity Issues 00:07:15 Duration
Lecture 4 Packet Capture - VPC Traffic Mirroring and External AMI

Section 15 : AWS Organizations - Multi-Account Management

Lecture 1 Downloadable Resources
Lecture 2 Lab - Create Organization, Member Accounts, Service Control Policies and Trail 00:09:17 Duration
Lecture 3 Lab - Organizational Units and test effect of Service Control Policies (SCP) 00:06:34 Duration
Lecture 4 Lab - Single Sign-on (SSO), Cross-Account Access and Permission Sets 00:09:18 Duration
Lecture 5 Resource Sharing Across Account - Resource Access Manager and Transit Gateway 00:03:47 Duration
Lecture 6 How to setup Bastion Host and Credential Forwarding
Lecture 7 Lab - Resource Access Manager - Share VPC and NAT Gateway with member accounts 00:08:22 Duration
Lecture 8 Lab - Transit Gateway to Interconnect VPCs 00:06:55 Duration
Lecture 9 Transit Gateway - VPC attachment
Lecture 10 Lab - Transit Gateway - Route Outbound traffic through common NAT Gateway 00:10:10 Duration

Section 16 : Protect and Manage Resources

Lecture 1 Downloadable Resources
Lecture 2 2020 Type of Attacks and Case Study 00:07:28 Duration
Lecture 3 2020 Case Study Solution Discussion 00:07:33 Duration
Lecture 4 AWS Web Application Firewall (WAF) 00:07:07 Duration
Lecture 5 Lab - AWS WAF 00:05:03 Duration
Lecture 6 AWS Shield 00:04:37 Duration
Lecture 7 IPTables, Windows Firewall, HostInstance Based Firewall
Lecture 8 Secrets Manager 00:03:23 Duration
Lecture 9 Systems Manager 00:03:29 Duration
Lecture 10 Systems Manager Parameter Store
Lecture 11 AWS Config 00:02:08 Duration
Lecture 12 AWS Inspector, Trusted Advisor and Integrated Usage Walk-through 00:04:10 Duration
Lecture 13 Lab - Systems Manager Setup and Policies 00:03:51 Duration
Lecture 14 Lab - Managed Instances, Session Manager, Compliance Status 00:07:43 Duration
Lecture 15 Lab - Patch Manager 00:05:31 Duration
Lecture 16 Lab - CloudWatch Log Agent to monitor log files in the server 00:10:25 Duration
Lecture 17 Managing Private Instances
Lecture 18 AWS Sample Exam Question #2
Lecture 19 Answer for Question #2
Lecture 20 Download Config Lab Slides
Lecture 21 Lab - AWS Config S3 bucket encryption compliance 00:08:57 Duration
Lecture 22 Lab - AWS Config Automated Remediation 00:06:54 Duration
Lecture 23 Config Aggregation
Lecture 24 Lab - AWS Inspector for Network Reachability, Vulnerability and Host Hardening 00:06:12 Duration
Lecture 25 Lab - Trusted Advisor 00:03:46 Duration
Lecture 26 GuardDuty and Macie Overview

Section 17 : Key Management System (KMS) - Encryption key management

Lecture 1 Downloadable Resources
Lecture 2 Symmetric & Asymmetric Encryption, Digital Signing and Common Challenges 00:07:01 Duration
Lecture 3 Envelope Encryption Concepts and S3 Server Side Encryption 00:05:03 Duration
Lecture 4 EBS Volume Encryption, RDS and DynamoDB Encryption 00:07:18 Duration
Lecture 5 RDS Database encryption options
Lecture 6 Lab (repeat) - S3 AWS Managed Key and Customer Managed Key Encryption 00:06:19 Duration
Lecture 7 Lab - EBS Encryption 00:07:20 Duration
Lecture 8 Lab - KMS Features (Symmetric, Asymmetric, Key Material Origin, Resource Policy) 00:07:44 Duration
Lecture 9 Lab - KMS Automatic and Manual Key Rotation 00:04:54 Duration
Lecture 10 KMS APIs 00:04:57 Duration
Lecture 11 AWS Sample Question #8
Lecture 12 Answer to question #8

Section 18 : SSLTLS Encryption

Lecture 1 Downloadable Resources
Lecture 2 Lab - Enabling SSL at Elastic Load Balancer 00:11:18 Duration
Lecture 3 End to End Encryption from client up to EC2 instance or Target (end-end)
Lecture 4 Lab - CloudFront Custom Domain and SSL 00:06:26 Duration
Lecture 5 S3, SSL and Custom Domain

Section 19 : Security Incident Response

Lecture 1 Downloadable Resources
Lecture 2 AWS Acceptable Use Policy - Your Responsibilities in preventing an incident 00:08:06 Duration
Lecture 3 Security Incident Response Concepts 00:10:06 Duration
Lecture 4 Three Simple Tips for securing your EC2 instances
Lecture 5 Security Testing Policies in AWS 00:06:19 Duration
Lecture 6 NEW AWS Penetration Testing Policy Changes
Lecture 7 AWS Sample Question #10
Lecture 8 Answer to question #10

Section 20 : Summary of Security Products and Capabilities

Lecture 1 AWS Security Products Summary