Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from AWS Certified Security – Specialty Exam Guide Build your cloud security knowledge and expertise as an AWS Certified Security Specialist (SCS-C01)

Product type Paperback

Published in Sep 2020

Publisher Packt

ISBN-13 9781789534474

Length 558 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Security

Authors (2):

Stuart Scott

Wilberto Palomar

View More author details

Table of Contents (27) Chapters

Preface

1. Section 1: The Exam and Preparation

2. AWS Certified Security - Specialty Exam Coverage FREE CHAPTER

3. Section 2: Security Responsibility and Access Management

4. AWS Shared Responsibility Model

5. Access Management

6. Working with Access Policies

7. Federated and Mobile Access

8. Section 3: Security - a Layered Approach

9. Securing EC2 Instances

10. Configuring Infrastructure Security

11. Implementing Application Security

12. DDoS Protection

13. Incident Response

14. Securing Connections to Your AWS Environment

15. Section 4: Monitoring, Logging, and Auditing

16. Implementing Logging Mechanisms

17. Auditing and Governance

18. Section 5: Best Practices and Automation

19. Automating Security Detection and Remediation

20. Discovering Security Best Practices

21. Section 6: Encryption and Data Security

22. Managing Key Infrastructure

23. Managing Data Security

24. Mock Tests

25. Assessments

26. Other Books You May Enjoy

Leave a review - let other readers know what you think

AWS-owned CMKs

These CMKs are owned and used by AWS services to encrypt your data. They do not reside within your KMS console or indeed within your account, nor do you have the ability to audit and track their usage. They are essentially abstracted from your AWS account. However, because they can be used by services used within your AWS account, those services do have the capabilities to use those keys to encrypt your data within your account.

They are managed and created by AWS, and so there is no management of these keys required. When it comes to the rotation of AWS-owned CMKs, it is down to the particular service that manages that particular key, and so the rotation period varies from service to service.

Examples of AWS-owned CMKs include the following:

The encryption used to encrypt all Amazon DynamoDB tables, which are encrypted by default with no option to disable this encryption
Amazon S3 encryption using the S3 master key (SSE-S3)

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at ₹800/month. Cancel anytime

Authors (2)

Palomar

Wilberto has More than 18 years of combined IT experience in banking, payment gateways, telecommunications, insurance and digital domain. He is currently working as a DevSecOps Lead at Lendi

See other products by Palomar

Stuart Scott

Stuart Scott is the AWS content lead at Cloud Academy where he has created over 40 courses reaching tens of thousands of students. His content focuses heavily on cloud security and compliance, specifically on how to implement and configure AWS services to protect, monitor and secure customer data in an AWS environment. He has written numerous cloud security blogs Cloud Academy and other AWS advanced technology partners. He has taken part in a series of cloud security webinars to share his knowledge and experience within the industry to help those looking to implement a secure and trusted environment. In January 2016 Stuart was awarded 'Expert of the Year' from Experts Exchange for his knowledge share within cloud services to the community.

See other products by Stuart Scott