There are a number of mechanisms in Amazon Web Services (AWS) for securing data-at-rest and data-in-transit. In this 8-video course, learners explore topics including the basics of cryptography, access keys and pairs, client-side versus server-side encryption, AWS Key Management Service (KMS), Certificate Manager, and CloudHSM (hardware security module). The course begins with an introduction to fundamentals of cryptography and some of the cryptographic mechanisms you need to be aware of for AWS. You will then take a look at how to use access keys and key pairs, followed by another tutorial comparing client-side encryption and server-side encryption. The next topic is AWS Key Management Service, which lets you manage cryptographic keys for your cloud services, followed by a look at AWS Certificate Manager. The final tutorial in this course explores CloudHSM. In the concluding exercise, learners are asked to list the attributes of cryptographic hashing, the options for encrypting an S3 bucket object, and the security services provided by digital signatures.
Securing AWS: Data Protection