万本电子书0元读

万本电子书0元读

顶部广告

AWS: Security Best Practices on AWS电子书

售       价:¥

13人正在读 | 0人评论 6.2

作       者:Albert Anthony

出  版  社:Packt Publishing

出版时间:2018-03-13

字       数:80.3万

所属分类: 进口书 > 外文原版书 > 电脑/网络

温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印

为你推荐

  • 读书简介
  • 目录
  • 累计评论(0条)
  • 读书简介
  • 目录
  • 累计评论(0条)
Delve deep into various security aspects of AWS to build and maintain a secured environment About This Book ? Learn to secure your network, infrastructure, data, and applications in AWS cloud ? Use AWS managed security services to automate security ? Dive deep into various aspects such as the security model, compliance, access management and much more to build and maintain a secured environment ? Explore Cloud Adoption Framework (CAF) and its components ? Embedded with assessments that will help you revise the concepts you have learned in this book Who This Book Is For This book is for all IT professionals, system administrators, security analysts, solution architects, and chief information security officers who are responsible for securing workloads in AWS for their organizations. What You Will Learn ? Get familiar with VPC components, features, and benefits ? Learn to create and secure your private network in AWS ? Explore encryption and decryption fundamentals ? Understand monitoring, logging, and auditing in AWS ? Ensure data security in AWS ? Secure your web and mobile applications in AWS ? Learn security best practices for IAM, VPC, shared security responsibility model, and so on In Detail With organizations moving their workloads, applications, and infrastructure to the cloud at an unprecedented pace, security of all these resources has been a paradigm shift for all those who are responsible for security; experts, novices, and apprentices alike. This book focuses on using native AWS security features and managed AWS services to help you achieve continuous security. Starting with an introduction to Virtual Private Cloud (VPC) to secure your AWS VPC, you will quickly explore various components that make up VPC such as subnets, security groups, various gateways, and many more. You will also learn to protect data in the AWS platform for various AWS services by encrypting and decrypting data in AWS. You will also learn to secure web and mobile applications in AWS cloud. This book is ideal for all IT professionals, system administrators, security analysts, solution architects, and chief information security officers who are responsible for securing workloads in AWS for their organizations. This book is embedded with useful assessments that will help you revise the concepts you have learned in this book. Style and approach This book follows a practical approach delving into different aspects of AWS security. It focuses on using native AWS security features and managed AWS services to help you achieve continuous security. Note: This book is a blend of text and quizzes, all packaged up keeping your journey in mind. It includes content from the following Packt product: ? Mastering AWS Security by Albert Anthony
目录展开

AWS: Security Best Practices on AWS

Credits

Meet Your Expert

Preface

What's in It for Me?

What Will I Get from This Book?

Prerequisites

Chapter 1. AWS Virtual Private Cloud

Introduction

VPC Components

Subnets

Elastic Network Interfaces (ENI)

Route Tables

Internet Gateway

Elastic IP Addresses

VPC Endpoints

Network Address Translation (NAT)

VPC Peering

VPC Features and Benefits

Multiple Connectivity Options

Secure

Simple

VPC Use Cases

Hosting a Public Facing Website

Hosting Multi-Tier Web Application

Creating Branch Office and Business Unit Networks

Hosting Web Applications in the AWS Cloud That Are Connected with Your Data Center

Extending Corporate Network in AWS Cloud

Disaster Recovery

VPC Security

Security Groups

Network Access Control List

VPC Flow Logs

VPC Access Control

Creating VPC

VPC Connectivity Options

Connecting User Network to AWS VPC

Connecting AWS VPC with Other AWS VPC

Connecting Internal User with AWS VPC

VPC Limits

VPC Best Practices

Plan Your VPC before You Create It

Choose the Highest CIDR Block

Unique IP Address Range

Leave the Default VPC Alone

Design for Region Expansion

Tier Your Subnets

Follow the Least Privilege Principle

Keep Most Resources in the Private Subnet

Creating VPCs for Different Use Cases

Favor Security Groups over NACLs

IAM Your VPC

Using VPC Peering

Using Elastic IP Instead of Public IP

Tagging in VPC

Monitoring a VPC

Summary

Assessments

Chapter 2. Data Security in AWS

Introduction

Encryption and Decryption Fundamentals

Note

Envelope Encryption

Securing Data at Rest

Amazon S3

Permissions

Versioning

Replication

Server-Side Encryption

Client-Side Encryption

Amazon EBS

Replication

Backup

Encryption

Amazon RDS

Amazon Glacier

Amazon DynamoDB

Amazon EMR

Securing Data in Transit

Amazon S3

Amazon RDS

Amazon DynamoDB

Amazon EMR

AWS KMS

KMS Benefits

Fully Managed

Centralized Key Management

Integration with AWS Services

Secure and Compliant

KMS Components

Customer Master Key (CMK)

Data Keys

Key Policies

Auditing CMK Usage

Key Management Infrastructure (KMI)

AWS CloudHSM

CloudHSM Features

Generate and Use Encryption Keys Using HSMs

Pay as You Go Model

Easy to Manage

AWS CloudHSM Use Cases

Offload SSL/TLS Processing for Web Servers

Protect Private Keys for an Issuing Certificate Authority

Enable Transparent Data Encryption for Oracle Databases

Amazon Macie

Data Discovery and Classification

Data Security

Summary

Assessments

Chapter 3. Securing Servers in AWS

EC2 Security Best Practices

EC2 Security

IAM Roles for EC2 Instances

Managing OS-Level Access to Amazon EC2 Instances

Protecting Your Instance from Malware

Secure Your Infrastructure

Intrusion Detection and Prevention Systems

Elastic Load Balancing Security

Building Threat Protection Layers

Testing Security

Amazon Inspector

Amazon Inspector Features and Benefits

Amazon Inspector Components

AWS Shield

AWS Shield Benefits

AWS Shield Features

Summary

Assessments

Chapter 4. Securing Applications in AWS

AWS Web Application Firewall

Benefits of AWS Web Application Firewall

Working with AWS Web Application Firewall

Signing AWS API Requests

Amazon Cognito

Amazon API Gateway

Summary

Assessments

Chapter 5. AWS Security Best Practices

Shared Security Responsibility Model

IAM Security Best Practices

VPC

Data Security

Security of Servers

Application Security

Monitoring, Logging, and Auditing

AWS CAF

Security Perspective

Directive Component

Preventive Component

Detective Component

Responsive Component

Summary

Assessments

Appendix A. Assessment Answers

Lesson 1: AWS Virtual Private Cloud

Lesson 2: Data Security in AWS

Lesson 3: Securing Servers in AWS

Lesson 4: Securing Applications in AWS

Lesson 5: AWS Security Best Practices

累计评论(0条) 0个书友正在讨论这本书 发表评论

发表评论

发表评论,分享你的想法吧!

买过这本书的人还买过

读了这本书的人还在读

回顶部