AWS Certified Security Specialty Course
-
About the course and exam
About this course (please watch) -
About the exam
-
Why are domains out of order?
-
[Cheat Sheet] Services you need to focus on learning
-
Course resources and downloads
-
Tips & tricks from learners who passed the exam
-
Getting StartedOur community
-
Create and configure your AWS account
-
Secure the root user
-
Set up Budget Alarms
-
Install tools and configure your machine
-
Centrally deploy and manage AWS accountsThe AWS SRA Project
-
AWS Organizations
-
About SCPs
-
Deploying SCPs
-
Testing SCPs
-
Resource Control Policies (RCPs)
-
AWS Control Tower
-
[Quiz] Centrally deploy and manage AWS accounts
-
Tagging best practices
-
Design, implement, and troubleshoot authorization for AWS resourcesWhat are IAM roles?
-
Managed vs. Inline Policies
-
[Cheat Sheet] Anatomy of an IAM Policy
-
Identity-based policies vs. resource-based policies
-
IAM permissions boundaries
-
Session control policies
-
Policy evaluation flow
-
Common policy conditions
-
[Quiz] IAM Policies Roles and Permissions in AWS
-
Trusted Entity Types
-
Creating a service role
-
Service-linked roles
-
Cross-account access with roles
-
[Quiz] Cross account access
-
Cross-account roles for 3rd party access (prevent confused deputy)
-
ABAC and RBAC for access control
-
IAM Roles Anywhere
-
[Quiz] IAM Advanced Access Control
-
Design, implement, and troubleshoot authentication for AWS resourcesIAM Users vs. Identity Center Users
-
Enable Identity Center (SSO)
-
[Cheat Sheet] IAM Identity Center
-
Delegating administration of Identity Center
-
Creating permission sets (roles) from delegated admin
-
Assuming roles created through Identity Center
-
Centrally managing root access
-
IAM Credentials Report
-
AWS Directory Service
-
About Amazon Cognito
-
[Quiz] AWS Identity Center and Federated Access Management
-
AWS security tools and servicesAWS Trusted Advisor
-
About AWS CloudTrail
-
Management, Data, and Insights Events
-
The 3 ways of recording data
-
[Cheat Sheet] CloudTrail Events and Data Recording
-
Log file integrity
-
Log file encryption
-
Deploying AWS CloudTrail Organization Trail
-
Centralized CloudTrail Lake for Incident Response
-
[Quiz] CloudTrail Security and Logging
-
About Amazon CloudWatch
-
About Amazon GuardDuty
-
[LAB] Amazon GuardDuty Demo
-
Delegating and Centralizing GuardDuty
-
Amazon EventBridge
-
Amazon Detective
-
Delegating and Centralizing Detective
-
[LAB] Amazon Inspector
-
About AWS Security Hub CSPM
-
Delegating and Centralizing Security Hub CSPM
-
[Quiz] Security Monitoring and Threat Detection
-
Amazon S3 SecurityManaging access to S3 buckets
-
[Cheat Sheet] S3 Bucket Policies vs. ACLs vs. IAM Policies
-
[LAB] [Challenge] Create an IAM role for secure access to S3 based on a scenario
-
Using Signed URLs
-
[LAB] S3 Presigned URLs
-
[Quiz] S3 Access Control
-
Encrypting S3 data
-
[Quiz] S3 Data Encryption
-
S3 Access Points
-
S3 Access Grants
-
[Quiz] Managing S3 Access at Scale
-
IAM Access Analyzer for S3
-
S3 CORS
-
[DEMO] Enable S3 Object Versioning
-
S3 Object Lock
-
[Cheat Sheet] Amazon S3 Protection Summary
-
[Cheat Sheet] Create a least privilege S3 bucket policy
-
[Quiz] Protecting S3 Data
-
Amazon S3 Storage Classes
-
Amazon S3 Glacier
-
[Quiz] S3 Storage Classes
-
Protecting data, credentials, and secretsAWS KMS
-
The lifecycle of a KMS key
-
Cross-account and multi-region keys
-
Key aliases
-
[DEMO] Creating a Symmetric Encryption KMS Key
-
[Cheat Sheet] Encrypt and Decrypt Data with KMS and Data Keys
-
[LAB] Encrypt and Decrypt Data with KMS and Data Keys
-
[Scenario] [FREE] S3 bucket access denied issues
-
Imported keys and external key stores
-
Monitoring keys and encryption
-
EBS Volume Encryption
-
Amazon Elastic File System (EFS)
-
AWS Secrets Manager
-
Rotating secrets
-
Replicate secrets across regions
-
Cross-account secrets access
-
AWS Systems Manager Parameter Store
-
Securing Amazon RDS
-
[LAB] Encrypting an unencrypted RDS database
-
Creating and managing certificates
-
Data replication and backups
-
GenAI Security Controls in AWS and OWASP Top 10
-
Secure and consistent deployment strategy for cloud resourcesAbout AWS CloudFormation
-
Deploying resources with CloudFormation
-
Multi-account and multi-region deployments
-
Detecting and fixing drift
-
[LAB] CloudFormation Guard
-
[Quiz] CloudFormation
-
Using AWS Service Catalog - Part 1
-
Using AWS Service Catalog - Part 2
-
About AWS Firewall Manager
-
Using AWS RAM to share resources across accounts
-
[Quiz] Service Catalog and Firewall Manager
-
Security tools for code vulnerabilities
-
Compliance and automatic remediation of AWS resourcesAbout AWS Config
-
Delegating AWS Config
-
AWS Config Initial Setup
-
About AWS Systems Manager (SSM)
-
AWS Config Automated Remediation with SSM
-
[LAB] Automated S3 Remediation to Enforce Block Public Access
-
[LAB] Remediate Open SSH Security Groups with AWS Config and SSM
-
Monitoring AWS Config with EventBridge
-
Customizing and monitoring EventBridge rules
-
Transforming events with EventBridge
-
Multi-account AWS Config
-
AWS Config Aggregators and Advanced Queries
-
AWS Config Multi-Account Conformance Packs
-
[Quiz] AWS Config and EventBridge
-
AWS SSM Patch Manager and Run Command
-
About Amazon Macie
-
Deploying Amazon Macie
-
About AWS Audit Manager
-
Running assessments with Audit Manager
-
Evidence and generating reports with Audit Manager
-
AWS Artifact
-
About Amazon SNS for Data Protection
-
[Quiz] Macie, SNS, and Audit Manager
-
Securely deploying and accessing compute resourcesVPCs and their components
-
[LAB] [DEMO] Launch and connect to EC2 instances
-
SSM Session Manager
-
[LAB] Secure EC2 Access with SSM Session Manager and KMS
-
Hardening EC2 AMIs and Container Images
-
[Quiz] Securely deploying and accessing compute resources
-
Elastic Load Balancers
-
ELB Health Checks and Encryption
-
ELB Logging and Metrics
-
VPC Endpoints and AWS PrivateLink
-
AWS hybrid and remote connectivity
-
Amazon VPC Network Access Analyzer
-
Code Signing with AWS Signer
-
Design, Implement, and Troubleshoot CloudWatch LoggingCentralized CloudWatch Logging
-
Configure the Amazon unified CloudWatch agent
-
[LAB] Install and Configure the Amazon CloudWatch Unified Agent on EC2
-
CloudWatch Logs data protection policies
-
[LAB] Protect CloudWatch Logs data with masking policies
-
[Cheat Sheet] Troubleshoot CloudWatch Agent configurations
-
[Quiz] CloudWatch logging
-
Working with security logs[LAB] Amazon VPC Flow Logs
-
Transit Gateway Flow Logs
-
Amazon Route 53 Resolver query logs
-
[DEMO] Enable S3 Server Access Logs
-
[LAB] S3 Server Access Logs – AWS Console
-
[LAB] S3 Server Access Logs – CLI
-
[Quiz] Network Flow Logs and Access Logs
-
About Athena
-
[DEMO] Using Athena with CloudTrail logs
-
About AWS Glue
-
Amazon Security Lake
-
[DEMO] Enable Amazon Security Lake
-
[DEMO] Querying Security Lake data with Athena
-
Amazon OpenSearch
-
Amazon Managed Grafana
-
[Quiz] Security Log Analysis and Visualization
-
Infrastructure, Network, and Edge SecurityAbout Amazon CloudFront
-
CloudFront Origin Access Control (OAC)
-
CloudFront and Geo Restrictions
-
CloudFront Headers
-
CloudFront Logging
-
CloudFront Signed URL and Cookies
-
CloudFront Field-Level Encryption
-
AWS WAF and Rate Limiting
-
About the AWS WAF
-
AWS Shield Advanced
-
API Gateway Security
-
Design and implement an incident response planIncident response planning basics for AWS
-
Automating Incident Response in AWS
-
Playbooks and runbooks
-
[Cheat Sheet] The 6 phases of IR mapped to AWS services
-
[Checklist] AWS Incident Response Planning Checklist
-
[Quiz] Incident response planning
-
Incident containment in AWS
-
[Quiz] Choosing the Right EC2 Containment Layer
-
Test and validate your Incident Response plans
-
Detect security threats and anomaliesAbout IAM Access Analyzer
-
IAM Access Analyzer Unused Access
-
[LAB] Check policies for new access before deployment with IAM Access Analyzer
-
[LAB] Check IAM policies against a deny list with IAM Access Analyzer
-
Deploying Access Analyzer Multi-Account
-
[Quiz] IAM Access Analyzer
-
[Scenario] Alert and monitoring for all root activities
-
[LAB] Security Observability with CloudWatch Dashboards
-
Respond to compromised resources and workloads[LAB] Automated security response with EventBridge and Lambda
-
Incident management with SSM OpsCenter and Explorer
-
Using Step Functions for Automated Security Workflows
-
Automatically remediating incidents
-
Using SageMaker AI Notebooks for Incident Response
-
[Quiz] Automatically remediate incidents
-
Practice ExamsWhere can I find the practice exams?
-
Live Practice Exams Study Group Session 1
-
Live Practice Exams Study Group Session 2
-
ConclusionWhat to do once you pass the exam
Hi, I’m Christophe Limpalair, Founder & Trainer at Cybr. This course is going to be a collection of 9+ years’ worth of AWS experience, as well as my research, notes, cheat sheets, labs, and everything else I could muster up to help you pass your exam.
Huge thanks to Sonrai Security for sponsoring this course!
I was able to make this entire course free thanks to our sponsor, Sonrai Security. They’re supporting free, high-quality cloud security education, and they made it possible for me to publish all of these lessons openly.
I’ll share more about their Cloud Permissions Firewall and Just-In-Time access throughout the course, but in the meantime you can check them out here!
What’s free and what’s not
This course has:
- Video & text lessons (with full transcripts) (this is all free thanks to Sonrai)
- Hands-On Labs (a few are free but most are premium)
- Quizzes (a few are free but most are premium)
- Practice exams (premium)
- Study tips and tricks (free)
- Cheat sheets (free)
The video and text lessons are available for free. The labs, quizzes, and practice exams are available to Cybr Premium Members. There are a few exceptions since we have a few free labs and quizzes sprinkled throughout the syllabus, but most will require a membership (either monthly or yearly) to access.
FAQs
Some frequently asked questions:
- Do I need a premium membership to pass my exam? Nope! We designed as much free content as possible to help you pass the exam without having to have a Cybr Premium membership. With that said, you might still want to consider a membership to access our premium version of this course. This Premium Edition is designed for professionals who want to learn AWS security in practice, not just theory. It will also give you a lot more practice with quizzes and practice exams.
- Why can’t I mark a lesson as complete? Lessons that have videos require that you watch the video in order to be able to mark them as complete. If the “Mark Complete” button is missing, that’s why!
- What prerequisites do I need? We highly recommend having at least 1 year of experience working in AWS. This is not an entry level certification, and that’s important to keep in mind. If you’re not already at least a little bit familiar with the AWS CLI, what a VPC is, what an AWS Organization is, etc…then we do not recommend enrolling in this course right now. Instead, go for the AWS Cloud Practitioner or AWS Certified Solutions Architect – Associate first, and then come back to this. Our Intro to AWS Security course is also a great starting point.
Let’s get started!
If you know anyone else studying for this cert or interested in passing it, don’t forget to share with them!
Otherwise, let’s get AWS Security Specialty Certified! See you in the course.
Good to be here
I’m preparing for SCS-C02 as well.
I’ve been working relatively in a good pace, but that has been disturbed over the Christmas and New Year. Now I need to get back on track and prepare well for my soon to be exam!
Holidays tend to do that 🙂 let’s get certified! Please feel free to share helpful resources along the way
Hello everyone, Glad to be here and to take part of this journey.
I’m preparing for SCS-C02 as well and will be more than happy to learn and share with you all 🙂.
Welcome! Glad to have you here 🙂 let’s do this!
nice sir.
Happy to be onboard on this journey and to learn more about cloud security.
Happy to be here
Thank you for doing this course. It is greatly appreciated.
Of course!! Hope it helps
Glad to prepared for the AWS Certified Security Specialty (SCS-C02) Course, thanks for the opportunity
Good luck with your studying!
I am preparing for the course.
Your experience is really helpfull to juniors
Happy learning!
looking forward to understanding AWS from an experienced security engineer’s perspective.thanks
I am so excited about this course because my exam is in a week.
Hey that’s awesome, looking forward to this.
Thanks for sharing your knowledge with everyone who is passionate about new cloud security technology.
Happy to be here
Heard you guys are good so let see
Hey welcome to Cybr! Please keep in mind this course is in very early stages and still in active development. We’ve got quite a bit of content coming for it soon, including videos 🙂 happy learning!
thanks…I am excited!
Good to be here
Hi, Christophe Limpalair, thank you so much for this course. I am here with a hope to learn cloud security. 🙂
Happy to learn
Good to be here
Glad to have you here!
Im Ready to get started!!! I want to prepare myself to find a full time job in cybersecurity!
I successfully passed the previous version of this certification (Security Specialty) in early 2021, but it has now lapsed. Since taking the exam my role at work took me into a different direction, – to GCP Cloud, and I’ve taken and passed almost all GCP certification except 1. I’m now thinking about retaking this exam. I still have my notes from the previous version. Is there much difference this version and the previous version? I’m thinking of saving time and only going through the delta that has changed.
Sorry, I forgot to mention, I joint joined Cybr.
Good to be here
Nice to have you here, welcome!
Thank you for the opportunity to learn.
Great to be part of the security community
Nice
Been thinking about looking into this cert for about 6 months. This course may have just solidified my choice. Thank you!
Let’s do it!!! Keep me posted!
This is awesome
Glad you’re enjoying it!
my task is to complete the cert in June. Thanks for sharing it, Chris
That is great, thank you Christophe.
Glad to hear it, thank you!
good to be here
Thank you very much Chris for taking your time and creating this course I want to prepare for this certification, therefore I will encourage while studying with your material
awesome opportunity
Thank you
I’m preparing for SCS-C02 as well and I am currently working as SOC L2 Analyst
Thanks for this opportunity
Glad to have you here!
Thank you, Christophe, for this content, which I find both interesting and informative.
The course was created on October 10, 2024, and many sections are still in the process of being developed or completed.
Do you have an estimated date for when the full course will be available?
thank you for this opportunity
Looking forward to grub a ton of knowledge from industry professionals
cool
Thank you
Excited !!!!
Very helpful thanks for this
Yes, it’s right platform for preparation and improving own technical knowledge skills in cloud security specialist.
Good to be here
Hi, looking forward to checking this course out
Enjoy!
Does the premium AWS Certified Security Specialty and the free version become linked like the experience is one course?
Hi I am preparing for the AWS Certified Security – Specialty.
Good to go the study material.
Lets do this
Hello everyone, excited to join this journey toward the AWS Security Specialty (SCS-C02) certification, ready to learn, share, and grow together with the community.
I am a DevSecOps engineer currently preparing for SCS-C03. Hoping to give the certification within a month. I was looking for resources to prepare and came upon this course. Thanks for offering this course.
I am preparing for SCS-C03 as its my certification renewal time.
PS: I have been following you since you were in Linux Academy and check your posts on LinkedIn from time to time.
This just made my day! Love to see Linux Academy folks here! You should DM me on LinkedIn so we can catch up and I can see what you’re up to 🙂
good one
This is a great resources
Hi Everyone, Nice to meet you all!
I am looking to master Cloud Security, get certified, and learning from my peers.
good to be here
welcome!
Is this one for the “Absolute Beginners”?
I covered this in the video 🙂 please watch! But no, this course and certification exam is NOT for absolute beginners to AWS/cloud. I would recommend starting with our other courses first
Excited for the course.
Hi Could you please let me know the answer for the following questions?
is this course is completed one or still in progress? if it is still in progress how long will it takes?
Hi, the course is approximately 85% done. The remaining 15% of lessons are being added throughout March!
Good to be here
Thanks