AWS DEA-C01 security guide covering authentication, authorization, masking, encryption, and governance decisions.
DEA-C01 treats security and governance as part of the platform, not as a final patch layer. Strong answers control access, protect data in motion and at rest, prepare logs for audits, and respect privacy and regional governance constraints.
AWS currently weights Data Security and Governance at 18% of scored content.
| Lesson | Focus |
|---|---|
| 4.1 Authentication, Secrets & Network Access | Learn IAM roles, credentials, endpoints, security groups, and network access patterns for data systems. |
| 4.2 Authorization, Least Privilege & Lake Formation | Learn custom policies, permission models, Lake Formation, and least-privilege decisions. |
| 4.3 Encryption, Masking & Cross-Account Protection | Learn KMS, masking, anonymization, in-transit protection, and cross-account encryption access. |
| 4.4 Logging, Privacy, Sovereignty & Governance | Learn CloudTrail, CloudWatch Logs, CloudTrail Lake, privacy controls, data sovereignty, and governance frameworks. |