AWS Certified Security (BETA) NOTES
Section – IAM
In-depth understanding of IAM functionality and capabilities
In-depth knowledge of policy format.
Cross-account role setup and management
Difference between Role, Group, IAM User, and Policy
How user (identity-based) policies interact with resource-based policies
Section – Auditing
In-depth understanding of AWS Config: https://aws.amazon.com/blogs/aws/aws-config-rules-dynamic-compliance-checking-for-cloud-resources/
The exam heavily tests CloudTrail/CloudWatch setup, troubleshooting, and usage.
Must understand what is involved in setting up central logging and auditing.
How do you get logs from EC2 instances to CloudWatch?
Section – Encryption
AWS encryption offerings
S3 server-side encryption
AWS managed keys vs. customer-managed keys
AWS KMS setup and operation.
The exam is very heavy on encryption at rest.
Master vs. data key
Encryption in flight (TLS)
Section – Forensics
How, as a security engineer, you recover from a breach.
How do you do penetration testing in an AWS environment?
How do you handle an AWS abuse notice?
What is AWS Artifact?
Section – ACL/Network Security
Security group vs. network ACL
Section – Connectivity
Even though the exam blueprint lists compliance, there were no compliance-related questions.
Thanks Irfan for your feedback and breakdown with links.