AWS Certified AI Practitioner AIF-C01 Training - OEM Certkit

This course is designed to help you obtain the working knowledge and skills required to sit the AWS Certified Security – Specialty exam. Through taking this course, you will gain hands-on experience securing AWS services and environments, as well as be able to identify and evaluate security considerations and implement mitigation strategies.

Prerequisites:
Working knowledge of AWS and an AWS Associate certification is recommended.

Course outcome:

State an understanding of AWS cloud security based on the CIA triad.
Create and analyze authentication and authorizations with IAM.
Manage and provision accounts on AWS with appropriate AWS services.
Identify how to manage secrets using AWS services.
Monitor sensitive information and protect data via encryption and access controls.
Identify AWS services that address attacks from external sources.
Monitor, generate, and collect logs.
Identify indicators of security incidents.
Identify how to investigate threats and mitigate using AWS services.

Who should attend:
This course is intended for experienced Security engineers, Security architects and/or Cloud architects.

CertKit content

E-learning courses

AWS Security Specialty (SCS-C02): Incident Response & Forensics

Course: 1 Hour, 20 Minutes

Course Overview
AWS Incident Response Plan Building
AWS Logging for Forensic Readiness
AWS Incident Response Fundamentals
Containment Automation with EventBridge and Lambda
Multi-Source Log Correlation with Athena
Forensic Artifact Preservation from EC2 and EBS
Recovery and Post-Incident Review
Simulated Forensic Investigations
Remediation Automation with AWS Lambda and Step Functions
Best Practices for AWS Incident Response
Course Summary

AWS Security Specialty (SCS-C02): Security Logging & Monitoring

Course: 1 Hour, 14 Minutes

Course Overview
Compliance Frameworks in AWS
Cross-Account Access Fundamentals
Data Sharing Challenges and Security Requirements
Permission Boundary Implementation
Amazon S3 Data Security for Cross-Account Access
Federation Enablement with IAM Identity Center
Automated Evidence Gathering with AWS Audit Manager
Running Compliance Audit Simulations
Cross-Account Access Monitoring and Auditing
Running Multi-Account Security Audit Simulations
Cross-Account Monitoring Design with CloudWatch and EventBridge
Troubleshoot Missing Logs with Trails, Data Events, and Delivery Failures
Course Summary

AWS Security Specialty (SCS-C02): Advanced Logging & Analysis

Course: 1 Hour, 19 Minutes

Course Overview
Centralized Logging Strategies in AWS
Configuring Organization-Wide CloudTrail
Advanced CloudWatch Logs Insights Queries
Security Log Normalization and Correlation
Automated Log Pipeline Building
Security Log Retention and Immutability
Implementing AWS Log Integration with External Analytics Platforms
Best Practices for AWS Security Logging and Analysis
CloudTrail Lake Organization Event Data Stores and SQL Joins
Missing Log Troubleshooting for Trails, Data Events, and Delivery Issues
Course Summary

AWS Security Specialty (SCS-C02): Network Security Controls

Course: 1 Hour, 29 Minutes

Course Overview
Fundamentals of AWS Network Security
VPC Security Design with Security Groups and NACLs
Implementing Security Groups for Tiered Architectures
Configuring Network ACLs for Subnet Segmentation
AWS Network Firewall Deployment for Centralized Traffic Filtering
Application Protection with AWS WAF
Configuring AWS WAF for Application Security
DDoS Protection with AWS Shield Advanced
Best Practices for AWS Network Security
Security Architecture Patterns for the Topic
Course Summary

AWS Security Specialty (SCS-C02): Security Automation & Pipeline Integrity

Course: 1 Hour, 6 Minutes

Course Overview
Event-Driven Security Workflow Design
CI/CD Pipelines Security in AWS
Automation of Remediation with AWS Lambda
Implementing Multi-Step Workflows with Step Functions
Artifact Signing for Deployment Integrity
Implementing Routine Security Task Automation with Systems Manager
Automation Integration with AWS Security Hub
Complex Incident Automation Scenario
Course Summary

AWS Security Specialty (SCS-C02): Network Monitoring & Threat Detection

Course: 1 Hour, 4 Minutes

Course Overview
Advanced GuardDuty Use Cases
Configuring GuardDuty for Centralized Management
Correlate Findings in AWS Security Hub
Automation of Threat Remediation with EventBridge and Lambda
Forensic Data Collection and Preservation
Implementing AWS Security Findings Integration with SIEM Tools
Incident Simulation and Playbook Execution
Best Practices for Continuous Security Operations
Course Summary

AWS Security Specialty (SCS-C02): Hybrid Connectivity & Private Access Security

Course: 45 Minutes

Course Overview
Direct Connect Link Security with MACsec
Implementing Site-to-Site VPN and Transit Gateway Security
Configuring PrivateLink Services with Resource Policies
Configuring Centralized Private Access with VPC Endpoints
Hybrid Connectivity and Private Access Scenario
Transit Gateway Security Patterns and Route-Table Isolation
Course Summary

AWS Security Specialty (SCS-C02): Database & Analytics Service Security

Course: 1 Hour, 8 Minutes

Course Overview
Configuring Secure VPC for RDS and Aurora
Implementing Encryption for Amazon RDS and Aurora
Implementing IAM Database Authentication for RDS and Aurora
Implementing Network Isolation and Security Groups
Configuring DynamoDB Security Controls
Implementing Security for Amazon Redshift Data Warehouses
Sensitive Data Protection in Analytics Pipelines
Database and Analytics Security Measures
Course Summary

AWS Security Specialty (SCS-C02): Securing Storage Services

Course: 1 Hour, 5 Minutes

Course Overview
Security Principles for AWS Storage
Securing Amazon S3 Buckets
Encrypting Data in Amazon S
Amazon EBS Volume Security
Encrypting EBS Volumes and Snapshots
Securing Amazon EFS Access
AWS Backup for Data Protection
Storage Security Audits
Course Summary

AWS Security Specialty (SCS-C02): Edge & Application Security

Course: 58 Minutes

Course Overview
The Application and API Threat Landscape
Implementing API Security with Amazon API Gateway
Application Protection with AWS WAF
Implementing WAF Rules for Common Attacks
DDoS Protection with AWS Shield
Managing Secrets and Configurations Securely
Multi-Tier API Application Security
Course Summary

AWS Security Specialty (SCS-C02): IAM Foundations & Access Management

Course: 1 Hour, 12 Minutes

Course Overview
IAM Fundamentals and Best Practices
Creating and Managing IAM Users and Groups
Role-Based and Attribute-Based Access Control Design
Configuring IAM Roles for Cross-Account Access
Implementing Multi-Factor Authentication
IAM Authentication Issue Troubleshooting
Using AWS STS for Temporary Credentials
Analyzing IAM Policies with the Policy Simulator
Best Practices for AWS IAM Security
Course Summary

AWS Security Specialty (SCS-C02): Cross-Account & Federation

Course: 53 Minutes

Course Overview
Identity Federation
Configuring AWS IAM Identity Center
Azure AD Integration for SAML Federation
Okta Integration for OIDC Federation
Automating SCIM Provisioning
Enforcing MFA for Federated Users
Troubleshooting Federation and SSO Issues
Multi-Account Federation Scenario
Course Summary

AWS Security Specialty (SCS-C02): Privilege Management & Access Analysis

Course: 56 Minutes

Course Overview
Principles of Privilege Management in AWS
Creating and Enforcing Least-Privilege IAM Policies
Implementing Permissions Boundaries for Managed Accounts
Enforcing Organization-Wide Access Controls with SCPs
ABAC Usage for Dynamic Permissions
Temporary Elevated Privileges and Approval Workflows
Auditing Permissions with IAM Access Analyzer
Access Control Audit Simulation
Course Summary

AWS Security Specialty (SCS-C02): Data Protection & Key Management

Course: 1 Hour, 16 Minutes

Course Overview
Encryption in Transit and at Rest
Key Hierarchy and Access Policy Design
External Key Material Importing and Management
Encryption Key Management with AWS KMS
Data Retention Policy Design
Application-Level Encryption Strategies
AWS CloudHSM Integration for Dedicated Key Storage
Vault Lock Implementation in AWS Backup
Real-World Encryption AWS Architecture Scenario
Best Practices for Data Lifecycle Security
Course Summary

AWS Security Specialty (SCS-C02): Serverless Security

Course: 58 Minutes

Course Overview
Security Principles for Serverless Architectures
Configuring Least-Privilege Lambda Execution Roles
Implementing API Gateway Security with Cognito Authorizers
Implementing AWS WAF Integration with API Gateway
Implementing Secrets Management for Serverless Functions
Lambda Code Signing Enablement
Serverless Application Hardening
Course Summary

AWS Security Specialty (SCS-C02): Container and Orchestrator Security

Course: 47 Minutes

Course Overview
Implementing Security for Container Images in Amazon ECR
Configuring IAM Roles for ECS Tasks and EKS Pods
Kubernetes RBAC and Security Context Implementation
Implementing AWS WAF with Kubernetes Ingress
Implementing Runtime Monitoring with CloudWatch Container Insights
Containerized Application Hardening Scenario
Course Summary

AWS Security Specialty 2025: Disaster Recovery and Resilience Planning

Course: 1 Hour, 15 Minutes

Course Overview
AWS Disaster Recovery Models
Effective AWS Readiness Drills
Implementing AWS Backup for Recovery Readines
AWS Elastic Disaster Recovery
Validating Automated Remediation with Systems Manager
Full-Scale AWS Security Drill Scenario
Testing and Automating Disaster Recovery
Multi-Region DR Simulation
Course Summary

AWS Security Specialty (SCS-C02): Workload Isolation and Exposure Reduction

Course: 45 Minutes

Course Overview
Implementing Network Segmentation for Isolation
Egress Filtering Implementation with VPC Endpoints
Using Private DNS for Endpoint Traffic Control
Isolating Workloads in Dedicated Accounts
Workload Isolation Scenario
Course Summary

AWS Security Specialty (SCS-C02): Detection Engineering and Tuning Findings

Course: 50 Minutes

Course Overview
Designing Effective Detection Rules in AWS
Configuring GuardDuty Findings Tuning
Configuring Custom Security Hub Insights
Adjusting AWS Config Rules for Precision
Detection Tuning Scenario
Authoritative Log-Source Inventory and Gap Analysis
Course Summary

AWS Security Specialty (SCS-C02): Governance, Risk, & Compliance

Course: 1 Hour, 20 Minutes

Sections
DurationStatusActions
Course Overview
AWS GRC Foundations
Multi-Account Strategy Design
Implementing Multi-Account Governance with AWS Organizations
Implementing AWS Organizations and Delegated Administration
Guardrails and AWS Control Tower
Implementing Guardrails with AWS Control Tower
Secure Deployment Strategy Implementation
AWS with Enterprise GRC Platform Integration
Secure CloudFormation Template Deployment
Governance Scenario: Onboarding a New Business Unit
Course Summary

AWS Security Specialty (SCS-C02): SaaS & Third‑Party Integration Security

Course: 47 Minutes

Course Overview
Using API Keys and Credentials for SaaS Access
Implementing PrivateLink to Restrict SaaS Network Access
Cross-Account IAM Roles for Vendor Access
Integration Activity Monitoring and Alerting
SaaS Integration Security
Cross-Account Monitoring Design with CloudWatch and EventBridge
Course Summary

MeasureUp Exam simulation

Hone your testing skills with MeasureUp Exam Simulation, an advanced tool that gives you a realistic exam experience. Practice with accurately modelled questions that mimic actual exams, allowing you to get used to the structure and pressure. With MeasureUp, you not only prepare for your exam, you also increase your chances of success.

120+ questions

Tips, Tricks & Links

Take advantage of our comprehensive collection of tips, tricks and links designed specifically to support your preparation for certification exams. These resources offer valuable insights and proven strategies to make your studies more effective. Enhance your learning experience and approach your exams with confidence!

Amazon Web Services (AWS) AWS Certified Security Specialty SCS-C02 Training

Amazon Web Services (AWS) AWS Certified Security Specialty SCS-C02 Training

Bulk discount

Product description