+91-9871262198
info@cloud360.co
Our cloud training videos have over 100K views on
Cloud360-logo

AWS Certified Security – Specialty (Security Engineering on AWS)

Last Updated: 01-03-2025

The AWS Certified Security – Specialty course is designed for professionals who want to deepen their knowledge of security on AWS and prepare for the AWS Certified Security – Specialty certification exam. This advanced-level course covers the latest security best practices, tools, and strategies for securing cloud environments. You will learn how to design and implement robust security controls, protect data, manage identities, and handle compliance in AWS environments. This training equips you with the skills necessary to tackle complex security challenges and secure your cloud infrastructure effectively.

Register Your Interest

450K+

Career Transformation

250+

Workshop Every Month

100+

Countries and Counting

Schedule Learners Course Fee Register Your Interest
April 28th - 30th
09:00 - 17:00 (CST)
Live Virtual Classroom
USD 960
Fast Filling! Hurry Up.
April 21st - 23rd
09:00 - 17:00 (CST)
Live Virtual Classroom
USD 960
May 12th - 19th
09:00 - 13:00 (CST)
Live Virtual Classroom
USD 960
June 02nd - 04th
09:00 - 17:00 (CST)
Live Virtual Classroom
USD 960

Course Prerequisites

  • AWS Certified Solutions Architect – Associate or equivalent knowledge of AWS services and cloud infrastructure.
  • Strong understanding of general security concepts, identity management, and networking.
  • Recommended: Experience in security engineering, network security, or cloud security.

Learning Objectives

By the end of this course, you will be able to:

  1. Design and implement AWS security controls using IAM, KMS, and CloudTrail.
  2. Apply security best practices for data encryption, monitoring, and auditing.
  3. Architect secure and compliant AWS environments across multiple regions.
  4. Implement advanced security measures to protect data in transit and at rest.
  5. Use AWS services to prevent, detect, and respond to security incidents.
  6. Secure network architectures using VPC, NACLs, and security groups.
  7. Ensure compliance with regulatory frameworks like GDPR, HIPAA, and PCI-DSS in AWS.
  8. Prepare for the AWS Certified Security – Specialty exam with hands-on labs and real-world case studies.

Target Audience

This course is ideal for:

  • Security professionals and engineers responsible for securing AWS environments.
  • IT professionals preparing for the AWS Certified Security – Specialty exam.
  • Cloud architects and administrators focused on security best practices.
  • DevSecOps and compliance officers seeking to enhance their AWS security skills.

Course Modules

  1. Security Overview and Review

    • Understanding Security in the AWS Cloud.
    • Exploring the AWS Shared Responsibility Model.
    • Overview of IAM, Data Protection, and Threat Detection and Response.
    • Using MFA for enhanced protection.
    • Protecting the root user account and access keys.

  2. Securing Entry Points on AWS

    • Utilizing multi-factor authentication (MFA).
    • Protecting root user accounts and access keys.
    • Understanding IAM policies, roles, and permission boundaries.
    • Logging API requests with AWS CloudTrail.
    • Hands-On Lab: Using Identity and Resource-Based Policies.

  3. Account Management and Provisioning on AWS

    • Managing multiple AWS accounts with AWS Organizations and AWS Control Tower.
    • Implementing multi-account environments.
    • Using identity providers and brokers for AWS access.
    • Managing domain user access with AWS Directory Service and IAM Identity Center.
    • Hands-On Lab: Managing Domain User Access with AWS Directory Service.

Day 2:

  1. Secrets Management on AWS

    • Overview of AWS KMS, CloudHSM, ACM, and Secrets Manager.
    • Creating multi-Region AWS KMS keys.
    • Encrypting secrets with AWS KMS keys.
    • Using encrypted secrets to connect to Amazon RDS across Regions.

  2. Data Security

    • Protecting data at rest with encryption and access controls.
    • Using AWS services for data replication and archiving.

  3. Security Considerations: Hybrid Environments

    • Identifying security points outside of a VPC.
    • Understanding common DoS threats.

  4. Monitoring and Collecting Logs on AWS

    • Monitoring events and collecting logs with AWS CloudWatch.
    • Using AWS Config for resource monitoring.
    • Generating and collecting logs with AWS-native services.
    • Hands-On Lab: Server Log Analysis – Collecting Logs.

  5. Processing Logs on AWS

    • Streaming and processing logs for analysis.
    • Utilizing AWS services to process logs stored in S3.
    • Hands-On Lab: Server Log Analysis – Processing Logs.

Day 3:

  1. Securing Networking Communications

    • Applying security best practices to VPC configurations.
    • Implementing ELB as a protection point.
    • Protecting data in transit using certificates.

  2. Out-Of-Region Protection

    • Understanding protection strategies for out-of-region resources.

  3. Account Management on AWS

    • Managing AWS accounts effectively.

  4. Security Considerations: Serverless Environments

    • Identifying security considerations in serverless architectures.

  5. Secrets Management on AWS

    • Advanced techniques in managing secrets securely.

  6. Automating Security on AWS

    • Leveraging AWS tools for security automation.

  7. Threat Detection and Sensitive Data Monitoring

    • Utilizing AWS services for threat detection and monitoring sensitive data.

What Our Learners Are Saying

The training, courseware, and lab experience were insightful and valuable. Keep up the great work and learning experience!

Nitish A. Anand – Accenture

Course: SC-200: Microsoft Security Operations Analyst
Date: 15th Jan 2025

The instructor was professional and very content.

Justine Daudi Mlimbilah – Bank of Africa, Tanzania

Course: MD-102: Microsoft 365 Endpoint Administrator
Date: 20th Dec 2024

The instructor was so knowledgeable & humble. Rare to find someone so confident but so down to earth these days. So appreciative to him.”

Mohd. Hassan – Ministry of Finance, UAE

Course: AZ-700: Designing and Implementing Microsoft Azure Networking Solutions
Date: 31st July 2024

Instructor is experienced and knowledgeable in guiding.

Dharshini Mahalaxmi – Dr. MGR Education and Research Institute, Chennai, India

Course: SC-300: Microsoft Identity and Access Administrator
Date: 4th May 2024