From the course: Complete Guide to AWS Security and Compliance Management
Join today to access over 24,700 courses taught by industry experts.
Prepare for a security audit - Amazon Web Services (AWS) Tutorial
From the course: Complete Guide to AWS Security and Compliance Management
Prepare for a security audit
“
- [Instructor] You need to be ready for the inevitable audit. Be prepared to demonstrate how your AWS configuration meets your various compliance obligations. First, you must understand what the audit is asking you to verify. Is it a financial, security, or a compliance audit? You need to identify the applicable standards for your situation, anything from PCI DSS for payment card transactions to GDPR For European operations. Clearly define the scope of your audit, including which services, resources, data, and configurations are included. With the scope understood, identify the security and compliance resources available to you within AWS. This includes AWS's compliance programs and related documentation available in Artifact. Don't forget to include current security best practices documentation to ensure that you're up-to-date with the latest recommendations. In addition, review your existing governance and access controls. Specifically, ensure that IAM policies are configured…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download the exercise files for this course.
Get started with a free trial today.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Watch this course anytime, anywhere.
Get started with a free trial today.
Contents
-
-
Understanding shared responsibility7m 22s
-
Understanding the AWS security landscape1m 59s
-
(Locked)
Understanding separation of duties3m 50s
-
(Locked)
Implementing separation of duties5m 27s
-
(Locked)
Understanding CloudTrail3m 47s
-
(Locked)
Enabling CloudTrail6m 1s
-
(Locked)
Understanding CloudWatch5m 41s
-
(Locked)
Understanding CloudWatch alarms4m 11s
-
(Locked)
Configuring Simple Notification Service7m 22s
-
(Locked)
Using a CloudWatch alarm7m 6s
-
(Locked)
Installing the command line interface (CLI) for Mac5m 10s
-
(Locked)
The command line interface (CLI) for Windows5m 9s
-
-
-
Understanding Identity and Access Management6m 28s
-
Understanding IAM policies4m 15s
-
(Locked)
Configure IAM policies10m 11s
-
(Locked)
Understanding IAM groups1m 54s
-
(Locked)
Configure IAM groups4m 40s
-
(Locked)
Configuring a password policy4m 7s
-
(Locked)
Configure IAM users: Web console7m 49s
-
(Locked)
Configure IAM users: CLI3m 14s
-
(Locked)
IAM challenge1m
-
(Locked)
IAM challenge solution3m 36s
-
(Locked)
Configuring IAM roles3m 13s
-
(Locked)
Configuring IAM roles3m 2s
-
(Locked)
Validating an IAM role3m 45s
-
(Locked)
Extending CloudWatch3m 43s
-
(Locked)
Install CloudWatch agent7m 23s
-
(Locked)
Challenge: IAM roles54s
-
(Locked)
Solution: IAM roles4m 11s
-
(Locked)
Understanding Security Token Service1m 58s
-
(Locked)
Creating a temporary access role3m 46s
-
(Locked)
Creating a temporary access policy4m 54s
-
(Locked)
Validating temporary access3m 46s
-
(Locked)
Challenge: Super admin42s
-
(Locked)
Solution: Super admin4m 20s
-
(Locked)
Illustrating access restrictions2m 2s
-
(Locked)
Exploring IAM policy simulator7m 31s
-
(Locked)
Understanding Cognito4m 2s
-
(Locked)
Creating a Cognito user pool10m 28s
-
(Locked)
Creating a Cognito identity pool5m 31s
-
(Locked)
Understanding Verified Permissions3m 53s
-
(Locked)
Understanding federated access2m 37s
-
(Locked)
Enabling federated access5m 8s
-
(Locked)
Validating federated access3m 36s
-
(Locked)
Securing financial access3m 37s
-
(Locked)
Enabling financial access3m 40s
-
-
-
Understanding Organizations2m 22s
-
Understanding Control Tower2m 45s
-
(Locked)
Understanding IAM Identity Center3m 55s
-
(Locked)
Exploring IAM Identity Center8m 11s
-
(Locked)
Validating IAM Identity Center3m 4s
-
(Locked)
Understanding Resource Access Manager2m 43s
-
(Locked)
Exploring Resource Access Manager6m 47s
-
-
-
Understanding AWS Config4m 54s
-
Enabling AWS Config4m 16s
-
(Locked)
Exploring AWS Config results6m 31s
-
(Locked)
Exploring conformance packs3m 35s
-
(Locked)
Understanding AWS GuardDuty4m 35s
-
(Locked)
Exploring AWS GuardDuty3m 37s
-
(Locked)
Understand IAM Access Analyzer2m 59s
-
(Locked)
Exploring IAM Access Analyzer results4m 47s
-
(Locked)
Understanding Amazon Detective2m
-
(Locked)
Exploring Amazon Detective5m 26s
-
(Locked)
Understanding Amazon Inspector3m 5s
-
(Locked)
Exploring Amazon Inspector3m 48s
-
(Locked)
Resolving an Inspector finding4m 16s
-
(Locked)
Understanding Amazon Security Lake2m 14s
-
(Locked)
Understanding IoT Device Defender10m 41s
-
(Locked)
Understanding AWS Elastic Disaster Recovery3m 8s
-
(Locked)
Configuring Elastic Disaster Recovery5m 20s
-
(Locked)
Configuring a source server5m 28s
-
(Locked)
Exploring AWS Elastic Disaster Recovery9m 19s
-
(Locked)
Removing a source server1m 24s
-
-
-
Understand Web Application Firewall4m 33s
-
Exploring Web Application Firewall3m 29s
-
(Locked)
Configuring Web Application Firewall6m 30s
-
(Locked)
Validating Web Application Firewall3m 54s
-
(Locked)
Understand AWS Shield5m 15s
-
(Locked)
Understanding AWS Firewall Manager3m 16s
-
(Locked)
Understanding AWS Network Firewall4m 31s
-
(Locked)
Understand AWS Verified Access4m 21s
-
(Locked)
Understanding DNS Firewall2m
-
(Locked)
Configuring DNS Firewall6m 11s
-
-
-
Understanding Amazon Macie3m 11s
-
Configuring a Macie job9m 25s
-
(Locked)
Exploring Macie results2m 53s
-
(Locked)
Understanding Key Management Service3m 41s
-
(Locked)
Creating a KMS key5m 8s
-
(Locked)
Creating a multi-region KMS key4m 14s
-
(Locked)
Using a KMS in S35m 43s
-
(Locked)
Using KMS and an IAM role7m 31s
-
(Locked)
Automating KMS key rotation4m 21s
-
(Locked)
Deleting a KMS key6m 10s
-
(Locked)
Enabling EBS default encryption8m 11s
-
(Locked)
Understanding Secrets Manager2m 14s
-
(Locked)
Using Secrets Manager5m 18s
-
(Locked)
Enabling autorotation with Secrets Manager7m 58s
-
(Locked)
Creating a multi-region secret4m 10s
-
(Locked)
Deleting a Secrets Manager secret5m 59s
-
(Locked)
Understanding AWS CloudHSM2m 38s
-
(Locked)
Understanding Systems Manager3m 44s
-
(Locked)
Implementing Systems Manager3m 52s
-
(Locked)
Resolving compliance with Systems Manager5m 16s
-
(Locked)
Creating Resource Groups3m 9s
-
(Locked)
Patching with Systems Manager3m 46s
-
(Locked)
Understanding Incident Manager2m 38s
-
(Locked)
Using Parameter Store4m 2s
-
(Locked)
Understand Certificate Manager4m
-
(Locked)
Creating a private certificate authority4m 52s
-
(Locked)
Creating a private certificate2m 40s
-
(Locked)
Using a private certificate6m 43s
-
(Locked)
Understanding Payment Cryptography4m 51s
-
(Locked)
Challenge: KMS1m 28s
-
(Locked)
Solution: KMS5m 34s
-
-
-
Exploring S3 management options5m 6s
-
(Locked)
Accessing S3 privately3m 15s
-
(Locked)
Configuring private S3 access6m 13s
-
(Locked)
Managing S3 with IAM3m
-
(Locked)
Restricting S3 access with IAM11m 27s
-
(Locked)
Validating custom IAM S3 policy4m 9s
-
(Locked)
Leveraging S3 IAM policies in EC25m 57s
-
(Locked)
Creating an S3 bucket policy8m 5s
-
(Locked)
Illustrating S3 bucket policies with CLI4m 29s
-
(Locked)
Understanding S3 access control lists5m 16s
-
(Locked)
Understanding public access in S37m 11s
-
(Locked)
S3 public access best practices4m 19s
-
(Locked)
Exploring pre-signed URLs10m 16s
-
(Locked)
Understanding S3 Access Grants4m 37s
-
(Locked)
Understanding S3 Access Points5m 28s
-
(Locked)
Exploring S3 Access Points9m 32s
-
(Locked)
Understanding data protection schemes7m 30s
-
(Locked)
S3 security and compliance best practices4m 44s
-
(Locked)
Challenge: S3 replication challenge1m 52s
-
(Locked)
Solution: S3 replication challenge10m 36s
-
(Locked)
Challenge: S3 lifecycle challenge56s
-
(Locked)
Solution: S3 lifecycle challenge4m 32s
-
-
-
(Locked)
Understanding AWS Security Hub3m 5s
-
(Locked)
Using AWS Security Hub5m 57s
-
(Locked)
Rotating access keys8m 6s
-
(Locked)
Understand AWS Artifact6m 41s
-
(Locked)
Understanding Trusted Advisor8m 29s
-
(Locked)
Exploring Trusted Advisor7m 49s
-
(Locked)
Understanding Audit Manager3m 53s
-
(Locked)
Exploring Audit Manager9m 26s
-
(Locked)
Prepare for a security audit5m 8s
-
(Locked)