Updated: 2021-06-24 14:15:30
Cover Page
Title Page
Copyright and Credits
AWS Certified Advanced Networking - Specialty Exam Guide
About Packt
Why subscribe?
Packt.com
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
Section 1: Introduction
Overview of AWS Certified Advanced Networking - Specialty Certification
Technical requirements
The exam blueprint
The exam requirements
The exam structure
Scoring
Knowledge domains
Taking the exam
Summary
Section 2: Managing Networks in AWS
Networking with the Virtual Private Cloud
Introduction to the VPC
VPC networks
Private and public subnets
Public elastic and private IPs
Working with VPCs
Creating a VPC
Configuring DHCP options
VPC networking components
ENI
Routing NAT and internet access
Connecting public subnets to the internet
Connecting private subnets to the internet
VPC endpoints and PrivateLink
Gateway endpoint
Interface endpoint – powered by AWS PrivateLink
Configuring an endpoint
VPC peering
Limitations of VPC peering
Best practices
Network and VPC sizing
High availability
Routing
VPC peering recommendations
VPC limitations
Questions
Further reading
VPC Network Security
An overview of network security
Understanding network security vulnerabilities
Network layer attacks
Service layer attacks
Exploiting vulnerabilities
Application layer attacks
Security in the OSI model
Layer 2
Layer 3
Layer 4
Layer 7
WAN to LAN access patterns
Controlling port-based traffic
Controlling access to applications
Securing the VPC
Security groups
NACLs
Controlling access
VPC Flow Logs
VPC Flow Log examples
Securing EC2 instance operating systems
EC2 network adapter characteristics
Controlling traffic to and from EC2 instances
Controlling access with the OS firewall
Advanced EC2 operating system security
Delivering advanced network security in AWS
Threats to modern applications
AWS WAF concepts
DDoS mitigation
Packet security
Advanced network security patterns
Connecting On-Premises and AWS
An overview of on-premises connectivity
Connecting VPCs and private networks