ELB Listeners – Understanding HTTP vs TCP Listeners Hey everyone, and welcome back to the Knowledge Pool video series. And in today’s lecture we are primarily going to look into one of the basic major difference between a Http and the TCP listeners. So in the earlier lecture we were discussing about various listeners type available in the ELP and we had paused our video in the listener type of TCP and SSL. So one of the questions which generally comes during the interview specifically is that what would be…

S3 Encryption Hi, everyone, and welcome back to the Knowledge Portal video series. So, S Three is back, and today, yet again, we are going to talk about one more important topic, which is S Three encryption. So it seems that the most of the things that we discuss about all are important, and this truly is important. So let me give you a very simple example for this particular use case. For those who are wondering, is SRE encryption really required? Now let me show you. I have my…

Importing Key Material to KMS Hey everyone and welcome back. In today’s video we will be discussing about importing key material in Kms. Now, Customer Master Key basically contains a key material which is used to encrypt and decrypt the data. Now, whenever we create a CMK, by default AWS automatically creates a key material for that specific CMK. However, we do have an option to create a CMK without the key material and then import our own key material into CMK. So it’s basically we can generate this specific…

KMS Policy Evaluation Logic – Use Case 02 Hey everyone and welcome back in today’s video we will be discussing about the Use case two related to IAM and Kms policies now, in order for this Use case to work, what I have done is I have created a new user called as Ktlabs and I have given him administrator access. Now, from a new browser I have logged into the CMS and basically I have modified this key policy over here so the policy which is present over here,…

AWS Key Management Service – CMK Deletion & EBS Use-Case Hey everyone, and welcome back. So, continuing a journey with Kms. Today, we’ll be looking again into the deletion aspect of the Customer Master key with a specific use case. So this use case is extremely important to understand before you go for the exams. So let’s look into the use case where Medium Core is a Kms, using Kms extensively for EBS encryption. So there is one Kms Customer Master Key which is used for all the EBS encryption…

AWS Key Management Service – Part 03 Hey everyone and welcome back. In today’s video we will be discussing about the Kms architecture. And also throughout the course we will also be discussing about the Envelope encryption. So the overall Kms architecture consists of three major components. One is the Kms interface. So Kms interface is where we interact to. So we can interact via console, we have via CLI SDK. So this all terminates at the Kms interface level. Now, Kms interface is interconnected with the Kms host and…

AWS Key Management Service Hey everyone and welcome back. In today’s video, we will be discussing about the AWS key management service. Now, typically, let’s say your organization wants a system to store the secrets. Now you can say alright, if the secrets wants to be sold, we will go with Cloud HSM. However, Cloud HSM is definitely good, but it comes with its own disadvantages. Now, the first disadvantage of Cloud HSM is the additional complexity and also it is not fault tolerant by default. So it’s not like…

Introduction to Cryptography Hey everyone and welcome to the Knowledge Portal video series. And today we will be speaking about cryptography. Now, cryptography was generally considered as one of the most boring subject during the Bachelor’s time in network security. The reason why is because it was full of mathematics. But after passing out from the Bachelor’s, we realized that the wireless devices actually works a lot based on cryptography. And there were some weak cryptographic algorithms like RC Four which were easily hacked. And once you break that, you…

[CCP] AWS Certificate Manager Overview (ACM) Now let’s talk about AWS Certificate Manager or ACM, which is a service to easily provision, manage and deploy SSL or TLS certificates. What do you use the certificates for? Well is to provide inflight encryptions for your websites by providing an Https endpoint. So the second example, we have our application load balancer and it is connected in the backend through Http to an autoscale and group with our EC. Two instances though, we want our end users to have Https exposed on…

KMS For SysOps So here are a few additional things you need to know about Kms regarding the Sysaps exam. So first of all, you cannot change the encryption key used by an EBS volume. If you wanted to do so, you would need to create an EBS snapshot. And then you create a new EBS volume and from it you specify a new Kms key. So this is very similar to what we’ve seen. We would create a snapshot from an already encrypted EBS volume which would have the…