AWS : Learn to secure your data, servers, and applications with AWS.
With organizations moving their workloads, applications, and infrastructure to the cloud at an unprecedented pace, securing all these resources has been a paradigm shift for everyone responsible for security: experts, novices, and apprentices alike.
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | Birmingham : Packt Publishing, 2018. |
Subjects: | |
Online access: | Full text |
Table of Contents:
- Cover; Copyright; Credits; Table of Contents; Preface; Chapter 1: AWS Virtual Private Cloud; Introduction; VPC Components; Subnets; Elastic Network Interfaces (ENI); Route Tables; Internet Gateway; Elastic IP Addresses; VPC Endpoints; Network Address Translation (NAT); VPC Peering; VPC Features and Benefits; Multiple Connectivity Options; Secure; Simple; VPC Use Cases; Hosting a Public Facing Website; Hosting Multi-Tier Web Application; Creating Branch Office and Business Unit Networks; Hosting Web Applications in the AWS Cloud That Are Connected with Your Data Center.
- Extending Corporate Network in AWS Cloud; Disaster Recovery; VPC Security; Security Groups; Network Access Control List; VPC Flow Logs; VPC Access Control; Creating VPC; VPC Connectivity Options; Connecting User Network to AWS VPC; Connecting AWS VPC with Other AWS VPC; Connecting Internal User with AWS VPC; VPC Limits; VPC Best Practices; Plan Your VPC before You Create It; Choose the Highest CIDR Block; Unique IP Address Range; Leave the Default VPC Alone; Design for Region Expansion; Tier Your Subnets; Follow the Least Privilege Principle; Keep Most Resources in the Private Subnet.
- Creating VPCs for Different Use Cases; Favor Security Groups over NACLs; IAM Your VPC; Using VPC Peering; Using Elastic IP Instead of Public IP; Tagging in VPC; Monitoring a VPC; Summary; Assessments; Chapter 2: Data Security in AWS; Introduction; Encryption and Decryption Fundamentals; Envelope Encryption; Securing Data at Rest; Amazon S3; Permissions; Versioning; Replication; Server-Side Encryption; Client-Side Encryption; Amazon EBS; Replication; Backup; Encryption; Amazon RDS; Amazon Glacier; Amazon DynamoDB; Amazon EMR; Securing Data in Transit; Amazon S3; Amazon RDS; Amazon DynamoDB.
- Amazon EMR; AWS KMS; KMS Benefits; Fully Managed; Centralized Key Management; Integration with AWS Services; Secure and Compliant; KMS Components; Customer Master Key (CMK); Data Keys; Key Policies; Auditing CMK Usage; Key Management Infrastructure (KMI); AWS CloudHSM; CloudHSM Features; Generate and Use Encryption Keys Using HSMs; Pay as You Go Model; Easy to Manage; AWS CloudHSM Use Cases; Offload SSL/TLS Processing for Web Servers; Protect Private Keys for an Issuing Certificate Authority; Enable Transparent Data Encryption for Oracle Databases; Amazon Macie.
- Data Discovery and Classification; Data Security; Summary; Assessments; Chapter 3: Securing Servers in AWS; EC2 Security Best Practices; EC2 Security; IAM Roles for EC2 Instances; Managing OS-Level Access to Amazon EC2 Instances; Protecting Your Instance from Malware; Secure Your Infrastructure; Intrusion Detection and Prevention Systems; Elastic Load Balancing Security; Building Threat Protection Layers; Testing Security; Amazon Inspector; Amazon Inspector Features and Benefits; Amazon Inspector Components; AWS Shield; AWS Shield Benefits; AWS Shield Features; Summary; Assessments.