Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from AWS Certified Security – Specialty Exam Guide Build your cloud security knowledge and expertise as an AWS Certified Security Specialist (SCS-C01)

Product type Paperback

Published in Sep 2020

Publisher Packt

ISBN-13 9781789534474

Length 558 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Security

Authors (2):

Stuart Scott

Wilberto Palomar

View More author details

Table of Contents (27) Chapters

Preface

1. Section 1: The Exam and Preparation

2. AWS Certified Security - Specialty Exam Coverage FREE CHAPTER

3. Section 2: Security Responsibility and Access Management

4. AWS Shared Responsibility Model

5. Access Management

6. Working with Access Policies

7. Federated and Mobile Access

8. Section 3: Security - a Layered Approach

9. Securing EC2 Instances

10. Configuring Infrastructure Security

11. Implementing Application Security

12. DDoS Protection

13. Incident Response

14. Securing Connections to Your AWS Environment

15. Section 4: Monitoring, Logging, and Auditing

16. Implementing Logging Mechanisms

17. Auditing and Governance

18. Section 5: Best Practices and Automation

19. Automating Security Detection and Remediation

20. Discovering Security Best Practices

21. Section 6: Encryption and Data Security

22. Managing Key Infrastructure

23. Managing Data Security

24. Mock Tests

25. Assessments

26. Other Books You May Enjoy

Leave a review - let other readers know what you think

KMS key material

Key material is essentially the data that is used to encrypt and decrypt data and is stored within your CMK. Hence, in the example I just covered with SSE-KMS, the CMK key material was used to encrypt a version of the data key as well as to decrypt an encrypted version of the data key.

When you create your CMK, KMS automatically creates new key material for that CMK. However, when you are creating your own customer-managed CMKs, you can choose to create your CMK without any key material, allowing you to import your own into the key yourself. This method of key material assignment is known as Bring Your Own Key (BYOK).

However, it is important to note that imported key material does not support automatic key rotation, but it is possible to manually rotate your keys with imported material.

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Palomar

Wilberto has More than 18 years of combined IT experience in banking, payment gateways, telecommunications, insurance and digital domain. He is currently working as a DevSecOps Lead at Lendi

See other products by Palomar

Stuart Scott

Stuart Scott is the AWS content lead at Cloud Academy where he has created over 40 courses reaching tens of thousands of students. His content focuses heavily on cloud security and compliance, specifically on how to implement and configure AWS services to protect, monitor and secure customer data in an AWS environment. He has written numerous cloud security blogs Cloud Academy and other AWS advanced technology partners. He has taken part in a series of cloud security webinars to share his knowledge and experience within the industry to help those looking to implement a secure and trusted environment. In January 2016 Stuart was awarded 'Expert of the Year' from Experts Exchange for his knowledge share within cloud services to the community.

See other products by Stuart Scott