AWS Certified Solutions Architect Professional 2020: Design for New Security Solutions Proficiency (Advanced Level)

Topics covered

• add users and groups to AWS Managed AD
• analyze EC2 instance and app configuration
• analyze S3 storage usage for 30 days or more to determine optimal storage class usage
• block public access for an S3 bucket
• configure IAM roles
• configure the AWS Simple AD directory service
• configure the AWS user password policy
• deploy a private CA to issue PKI certificates
• determine when S3 cross-origin resource sharing should be used
• discover AWS data and enable classification
• enable and use AWS Security Hub
• enable EBS volume encryption
• enable MFA for an IAM user account
• enable S3 encryption using PowerShell
• enable S3 encryption using the GUI
• enable S3 locking for write-once read-only usage
• establish the importance of building regulatory compliance into your company's IT security program
• join an EC2 instance to an AWS Directory Service
• modify bucket permissions via the bucket ACL
• perform an AWS IAM user sign-in
• recall how GDPR protects European Union citizen data
• recall how PKI provides security
• recognize the role of IAM in the cloud
• request a private certificate
• request a public certificate and use DNS validation
• test resource access using the IAM policy simulator
• use a certificate to enable an application load balancer HTTPS listener
• use PowerShell to manage IAM users
• use the CLI to manage IAM groups
• use the portal to create a KMS key