Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Cart
Close icon
You have no products in your basket yet
Save more on your purchases!
Savings automatically calculated. No voucher code required
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
AWS Certified Security – Specialty Exam Guide

You're reading from  AWS Certified Security – Specialty Exam Guide

Product type Book
Published in Sep 2020
Publisher Packt
ISBN-13 9781789534474
Pages 558 pages
Edition 1st Edition
Languages
Concepts
Author (1):
Stuart Scott Stuart Scott
Profile icon Stuart Scott
LinkedIn
Stuart Scott is the AWS content lead at Cloud Academy where he has created over 40 courses reaching tens of thousands of students. His content focuses heavily on cloud security and compliance, specifically on how to implement and configure AWS services to protect, monitor and secure customer data in an AWS environment. He has written numerous cloud security blogs Cloud Academy and other AWS advanced technology partners. He has taken part in a series of cloud security webinars to share his knowledge and experience within the industry to help those looking to implement a secure and trusted environment. In January 2016 Stuart was awarded 'Expert of the Year' from Experts Exchange for his knowledge share within cloud services to the community.
Read more
See other products by Stuart Scott
Toc

Table of Contents (27) Chapters close

Preface 1. Section 1: The Exam and Preparation
2. AWS Certified Security - Specialty Exam Coverage 3. Section 2: Security Responsibility and Access Management
4. AWS Shared Responsibility Model 5. Access Management 6. Working with Access Policies 7. Federated and Mobile Access 8. Section 3: Security - a Layered Approach
9. Securing EC2 Instances 10. Configuring Infrastructure Security 11. Implementing Application Security 12. DDoS Protection 13. Incident Response 14. Securing Connections to Your AWS Environment 15. Section 4: Monitoring, Logging, and Auditing
16. Implementing Logging Mechanisms 17. Auditing and Governance 18. Section 5: Best Practices and Automation
19. Automating Security Detection and Remediation 20. Discovering Security Best Practices 21. Section 6: Encryption and Data Security
22. Managing Key Infrastructure 23. Managing Data Security 24. Mock Tests 25. Assessments 26. Other Books You May Enjoy

Data encryption keys (DEKs)

Now we have an understanding of CMKs, I want to talk about data keys. Data keys are created by CMKs. However, they do not reside inside the KMS service as CMKs do; instead, these are used outside of KMS to perform encryption against your data. 

When a request to generate a data key is received by KMS, the associated CMK in the request will create the two data encryption keys (DEKs); one will be a plaintext key, and the other will be an identical key, but this will be encrypted:

The process of using one key to encrypt another key like this is known as envelope encryption.

During the encryption process, the plaintext data key will be used to perform the encryption of your data using an encryption algorithm. Once the encryption has taken place, this plaintext data key will then be deleted and the encrypted data key will be stored and associated with the encrypted data. 

At this point, your data is now encrypted, and the only way to access...

lock icon The rest of the chapter is locked
arrow left Previous Section
Section 11 of 31
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at ₹800/month. Cancel anytime

Authors (1)

Left arrow icon
Profile icon Stuart Scott
LinkedIn
Stuart Scott is the AWS content lead at Cloud Academy where he has created over 40 courses reaching tens of thousands of students. His content focuses heavily on cloud security and compliance, specifically on how to implement and configure AWS services to protect, monitor and secure customer data in an AWS environment. He has written numerous cloud security blogs Cloud Academy and other AWS advanced technology partners. He has taken part in a series of cloud security webinars to share his knowledge and experience within the industry to help those looking to implement a secure and trusted environment. In January 2016 Stuart was awarded 'Expert of the Year' from Experts Exchange for his knowledge share within cloud services to the community.
Read more
See other products by Stuart Scott
Right arrow icon

Other recommended products

Related to this chapter
Left arrow icon
AWS Security Cookbook
AWS Security Cookbook
Read more
AWS Security Cookbook lists all the practical solutions to the common problems faced by individuals or organizations in securing their instances. Here readers will learn to troubleshoot security concerns and understand additional patterns and services for securing AWS infrastructure.
Read more
Feb 2020 14 hours 40 minutes
Practical AWS Networking
Practical AWS Networking
Read more
Amazon Web Services has dominated the public cloud market by a huge margin and continues to be the first choice for many organizations. Networking has been an area of focus for all the leading cloud service providers. AWS has a suite of network-related products which help in performing network related task on AWS.
Read more
Jan 2018 8 hours 36 minutes
AWS: Security Best Practices on AWS
AWS: Security Best Practices on AWS
Read more
With organizations moving their workloads, applications, and infrastructure to the cloud at an unprecedented pace, security of all these resources has been a paradigm shift for all those who are responsible for security; experts, novices, and apprentices alike.
Read more
Mar 2018 3 hours 56 minutes
AWS Certified Solutions Architect - Associate Guide
AWS Certified Solutions Architect - Associate Guide
Read more
With rapid adaptation of the cloud platform, the need for cloud certification has also increased. This is your one stop solution and will help you transform yourself from zero to certified. This guide will help you gain technical expertise in the AWS platform and help you start working with various AWS Services
Read more
Oct 2018 20 hours 52 minutes
Designing AWS Environments
Designing AWS Environments
Read more
AWS is one of the most popular public clouds available in the market today. Small to medium-sized businesses, as well as large business organizations, utilize AWS to set up highly scalable and agile infrastructure to meet faster time to market. This book provides hands-on details with respect to the fundamentals of designing an AWS environment with security and governance.
Read more
Sep 2018 5 hours 48 minutes
Mastering AWS Security
Mastering AWS Security
Read more
Security is a key ingredient when it comes to workloads deployed in cloud. Security is highest priority for any organization and it is considered job zero at AWS. Our book will dig deep into the achieving end to end automated security for all workloads deployed, running and stored in AWS cloud.
Read more
Oct 2017 8 hours 24 minutes
AWS Networking Cookbook
AWS Networking Cookbook
Read more
With a lot of enterprises moving towards cloud, the need for advanced cloud networking has significantly increased. This book follows a recipe-based approach starting with basic topics to covering the pain points of cloud networking, and will teach you to perform complex networking tasks.
Read more
Aug 2017 12 hours 12 minutes
AWS Administration - The Definitive Guide
AWS Administration - The Definitive Guide
Read more
AWS is at the forefront of Cloud Computing today, providing a plethora of ready to use services that help organizations quickly build, scale and deploy massive workloads on the Cloud. This book is specially designed for users who wish to explore and get started with some of the most commonly used AWS services in a quick and efficient way.
Read more
Mar 2018 11 hours 56 minutes
Cloud Security Automation
Cloud Security Automation
Read more
In the current market, enterprise organizations are moving rapidly towards the cloud infrastructure because of its flexibility and cost effectiveness. Hence, it has become extremely important to have a security framework in place. Automating security functions will play a key role when it comes to cloud governance. This book supplies best security practices for locking down your public and private cloud.
Read more
Mar 2018 11 hours 8 minutes
AWS for System Administrators
AWS for System Administrators
Read more
AWS for System Administrators covers a variety of tools, techniques, tips, and tricks for building highly available and fault-tolerant infrastructure. You’ll get to grips with AWS fundamentals and concepts with the help of step-by-step explanations and practical code examples.
Read more
Feb 2021 12 hours 56 minutes
Implementing Identity Management on AWS
Implementing Identity Management on AWS
Read more
This book will help you overcome the challenges faced when implementing identity and access management on AWS. You’ll be able to approach the topic from a use-case-driven practitioner’s perspective informed by real-world experience of solving challenges within some of the largest enterprise AWS environments in the world.
Read more
Oct 2021 16 hours 48 minutes
AWS Certified Advanced Networking - Specialty Exam Guide
AWS Certified Advanced Networking - Specialty Exam Guide
Read more
AWS certifications are a necessity for all the IT professionals working on an AWS Cloud platform. This book is your one stop preparation guide to upskill yourself with complex and creative networking solutions and getting yourself certified along the way.
Read more
May 2019 10 hours 16 minutes
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Designing and Implementing Microsoft Azure Networking Solutions
Designing and Implementing Microsoft Azure Networking Solutions
Read more
Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.
Read more
Aug 2023 17 hours 28 minutes
Microsoft 365 Security, Compliance, and Identity Administration
Microsoft 365 Security, Compliance, and Identity Administration
Read more
The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.
Read more
Aug 2023 21 hours 0 minutes
Zero Trust Overview and Playbook Introduction
Zero Trust Overview and Playbook Introduction
Read more
Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.
Read more
Oct 2023 8 hours 0 minutes
The Self-Taught Cloud Computing Engineer
The Self-Taught Cloud Computing Engineer
Read more
This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.
Read more
Sep 2023 15 hours 44 minutes
Technology Operating Models for Cloud and Edge
Technology Operating Models for Cloud and Edge
Read more
This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.
Read more
Aug 2023 7 hours 36 minutes
Azure Architecture Explained
Azure Architecture Explained
Read more
Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.
Read more
Sep 2023 14 hours 52 minutes
Pentesting Active Directory and Windows-based Infrastructure
Pentesting Active Directory and Windows-based Infrastructure
Read more
This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.
Read more
Nov 2023 12 hours 0 minutes
Practical Ansible
Practical Ansible
Read more
In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.
Read more
Sep 2023 14 hours 0 minutes
Windows 11 for Enterprise Administrators
Windows 11 for Enterprise Administrators
Read more
Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.
Read more
Oct 2023 9 hours 32 minutes
The Linux DevOps Handbook
The Linux DevOps Handbook
Read more
This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.
Read more
Nov 2023 14 hours 16 minutes
Right arrow icon