AWS Certified Security Specialty

All-in-One Exam Guide (Exam SCS-C01)

Tracy Pierce
Visit to download the full and correct content document:
https://ebookmass.com/product/aws-certified-security-specialty-all-in-one-exam-guide
-exam-scs-c01-tracy-pierce/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...

AWS Certified Cloud Practitioner All-in-One Exam Guide

(Exam CLF-C01) Daniel Carter

https://ebookmass.com/product/aws-certified-cloud-practitioner-
all-in-one-exam-guide-exam-clf-c01-daniel-carter/

AWS Certified Developer Associate All-in-One Exam Guide

(Exam DVA-C01) Kamesh Ganesan

https://ebookmass.com/product/aws-certified-developer-associate-
all-in-one-exam-guide-exam-dva-c01-kamesh-ganesan/

AWS Certified Solutions Architect Associate All-in-One

Exam Guide (Exam SAA-C02) Joyjeet Banerjee

https://ebookmass.com/product/aws-certified-solutions-architect-
associate-all-in-one-exam-guide-exam-saa-c02-joyjeet-banerjee/

Ccsp Certified Cloud Security Professional All-In-One

Exam Guide Daniel Carter

https://ebookmass.com/product/ccsp-certified-cloud-security-
professional-all-in-one-exam-guide-daniel-carter/
CCSP Certified Cloud Security Professional All-in-One
Exam Guide 3rd Edition Daniel Carter

https://ebookmass.com/product/ccsp-certified-cloud-security-
professional-all-in-one-exam-guide-3rd-edition-daniel-carter/

CCISO Certified Chief Information Security Officer All-

in-One Exam Guide Steve Bennett

https://ebookmass.com/product/cciso-certified-chief-information-
security-officer-all-in-one-exam-guide-steve-bennett/

CISM Certified Information Security Manager All-in-One

Exam Guide, 2nd Edition Peter H. Gregory

https://ebookmass.com/product/cism-certified-information-
security-manager-all-in-one-exam-guide-2nd-edition-peter-h-
gregory/

CC Certified in Cybersecurity All-in-One Exam Guide

Steven Bennett

https://ebookmass.com/product/cc-certified-in-cybersecurity-all-
in-one-exam-guide-steven-bennett-2/

CC Certified in Cybersecurity All-in-One Exam Guide

Steven Bennett

https://ebookmass.com/product/cc-certified-in-cybersecurity-all-
in-one-exam-guide-steven-bennett/
Copyright © 2021 by McGraw Hill. All rights reserved. Except as
permitted under the United States Copyright Act of 1976, no part of
this publication may be reproduced or distributed in any form or by
any means, or stored in a database or retrieval system, without the
prior written permission of the publisher, with the exception that the
program listings may be entered, stored, and executed in a
computer system, but they may not be reproduced for publication.

ISBN: 978-1-26-046173-2
MHID: 1-26-046173-4

The material in this eBook also appears in the print version of this
title: ISBN: 978-1-26-046172-5, MHID: 1-26-046172-6.

eBook conversion by codeMantra

Version 1.0

All trademarks are trademarks of their respective owners. Rather

than put a trademark symbol after every occurrence of a
trademarked name, we use names in an editorial fashion only, and
to the benefit of the trademark owner, with no intention of
infringement of the trademark. Where such designations appear in
this book, they have been printed with initial caps.

McGraw-Hill Education eBooks are available at special quantity

discounts to use as premiums and sales promotions or for use in
corporate training programs. To contact a representative, please visit
the Contact Us page at www.mhprofessional.com.

Information has been obtained by McGraw Hill from sources believed

to be reliable. However, because of the possibility of human or
mechanical error by our sources, McGraw Hill, or others, McGraw Hill
does not guarantee the accuracy, adequacy, or completeness of any
information and is not responsible for any errors or omissions or the
results obtained from the use of such information.
TERMS OF USE

This is a copyrighted work and McGraw-Hill Education and its

licensors reserve all rights in and to the work. Use of this work is
subject to these terms. Except as permitted under the Copyright Act
of 1976 and the right to store and retrieve one copy of the work,
you may not decompile, disassemble, reverse engineer, reproduce,
modify, create derivative works based upon, transmit, distribute,
disseminate, sell, publish or sublicense the work or any part of it
without McGraw-Hill Education’s prior consent. You may use the
work for your own noncommercial and personal use; any other use
of the work is strictly prohibited. Your right to use the work may be
terminated if you fail to comply with these terms.

THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND

ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO
THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS
TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY
INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA
HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY
WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR
A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do
not warrant or guarantee that the functions contained in the work
will meet your requirements or that its operation will be
uninterrupted or error free. Neither McGraw-Hill Education nor its
licensors shall be liable to you or anyone else for any inaccuracy,
error or omission, regardless of cause, in the work or for any
damages resulting therefrom. McGraw-Hill Education has no
responsibility for the content of any information accessed through
the work. Under no circumstances shall McGraw-Hill Education
and/or its licensors be liable for any indirect, incidental, special,
punitive, consequential or similar damages that result from the use
of or inability to use the work, even if any of them has been advised
of the possibility of such damages. This limitation of liability shall
apply to any claim or cause whatsoever whether such claim or cause
arises in contract, tort or otherwise.
 This book is dedicated to my entire support system: my
grandparents Nick and Ruby, mother and stepfather Nancy and
Eddie, sister Nae, best friends Jake and Jenn, my partner in insanity
Travis, and the teacher that got me into security, Jana Godwin. And
my niece and nephews Chris, Jacob, MacKenzie, and Zach for
providing all the laughs.
—Tracy Pierce

I’d like to dedicate this to my parents, my wife, and my daughter

who have supported me in my career and in writing this book.
—Aravind Kodandaramaiah

To the memory of my father Yassuho Koike, my wife and partner

Fabricia who patiently waited for me to do my work on weekends
inside the car or in the lobby and is still with me after all those years
and is still standing with me. My daughter Gabriela and my son
Fabio, Dad loves you.
—Rafael M. Koike

I dedicate this book to my mother, Terezinha, who showed her value

of working hard and caring for others through her example. My
grandmother and grandfather Aurea and Sebastiao adopted me and
gave me their love. To my father, who nourished my curiosity. To my
uncle, Virmondes, and aunt, Esperanza, who financially supported
me at the beginning of my information technology journey. My wife
Gabriela, who encouraged and supported me through this endeavor.
And to all AWS customers and co-workers I worked with in the last
four years, motivating me to learn and be curious to support them
better.
—Alex Fernandes Rosa
 ABOUT THE AUTHORS

Tracy Pierce is a senior consultant specializing in security for

remote consulting services at Amazon Web Services. She is a
contributor to the AWS Security Blog and provides world-class
customer results through ongoing improvements to processes and
documentation and building tutorials. She has her AS in computer
security and forensics from SCTD, SSCP certification, AWS Developer
– Associate certification, AWS Solutions Architect – Associate
certification, and AWS Security – Specialty certification.
Aravind Kodandaramaiah is a solutions builder at Amazon Web
Services, where he builds prototypes to demonstrate “the art of the
possible” with AWS. He guides global customers to build scalable,
secure, and cost-efficient solutions on the AWS Cloud. His areas of
interest are in security, serverless, AI/ML, and robotics. Aravind
holds several AWS certifications such as Security – Specialty,
Solution Architect – Professional, DevOps Speciality, Big Data, and
Alexa skill development. He is a speaker at the AWS conference
re:Invent and blogs on various AWS topics.
Rafael M. Koike is a senior solutions architect at Amazon Web
Services, where he helps customers build more scalable, secure, and
automated cloud architectures that address their business needs.
With more than 20 years in the security and IT industry and holding
CISSP, CISM, and AWS Certified Security – Specialty certifications, he
has worked with some of the top 500 companies in the United States
and Latin America to help them build secure and scalable cloud
solutions.
Alex Fernandes Rosa is a senior cloud architect at Amazon Web
Services helping large enterprise customers design, build, and secure
their cloud-native applications and infrastructure in the cloud. His
experience and background in IT span across multiple IT domains,
with specialization in security, networking, and serverless application
development. He holds CISSP and nine AWS certifications, including
the AWS Certified Security – Specialty.

About the Technical Editor

Rajat Ravinder Varuni provides consultation to customers in the
public sector that include architectural design and deployment of
solutions that reduce the likelihood of data leakage, web application,
and denial-of-service attacks. He is a subject matter expert who
provides ongoing support for achieving regulatory needs such as the
Health Insurance Portability and Accountability Act (HIPAA), Federal
Information Security Management Act (FISMA), and Federal Risk and
Authorization Management Program (FedRAMP) attestation and
authorization. Currently, he holds the GIAC Penetration Tester
certificate, as well as successfully challenged a host of AWS
certifications. He also participates in the development of AWS
certification exams, including the Security – Specialty. Additionally,
he has contributed to the AWS Security Blog found at
https://aws.amazon.com/blogs/security/author/varunirv/.
Rajat serves as an academic advisor for the Global Information
Assurance Certification (GIAC), a graduate-level cybersecurity
program. He is also on the editorial board for the Journal of
Information Systems Education (JISE) and serves as a journal
reviewer at Information Systems Audit and Control Association
(ISACA) and the Association for Computing Machinery (ACM).
Rajat holds a master’s and a bachelor’s degree in computer
science from George Washington University and Michigan
Technological University, respectively.
In his free time, Rajat enjoys having a single-threaded
conversation, exploring nature.
 CONTENTS AT A GLANCE

Chapter 1 Introduction to AWS Security

Chapter 2 Cloud Security Event Investigation
Chapter 3 Cloud Security Event Remediation and Planning
Chapter 4 Monitor with Amazon CloudWatch
Chapter 5 Enhanced Security Monitoring and Compliance with
AWS Services
Chapter 6 Log on AWS
Chapter 7 AWS Cryptographic Services
Chapter 8 AWS Cryptographic-Related Services
Chapter 9 AWS Cryptographic Tools
Chapter 10 Design Edge Security on AWS
Chapter 11 Design and Implement a Secure Network
Infrastructure
Chapter 12 Troubleshoot a Secure Network Infrastructure
Chapter 13 Design and Implement Host-Based Security
Chapter 14 Identity and Access Management on AWS
Chapter 15 Troubleshoot Authorization and Authentication
Systems
Appendix A Objective Map
Appendix B About the Online Content
Glossary Acronyms and Glossary

Index
 CONTENTS

Acknowledgments
Introduction
Chapter 1 Introduction to AWS Security
The Five Pillars of the Well-Architected Framework
Operational Excellence
Security
Reliability
Performance Efficiency
Cost Optimization
Focusing on the Security Pillar and the Shared
Responsibility Model
Identity and Access Management
Detective Controls
Infrastructure Protection
Data Protection
Incident Response
Chapter Review
Questions
Answers
Additional Resources
Chapter 2 Cloud Security Event Investigation
What AWS Services Should I Consider for an Incident
Response Plan?
AWS Shield
AWS WAF
 AWS Firewall Manager
AWS Config
AWS CloudTrail, Amazon CloudWatch Logs, and
Amazon VPC Flow Logs
Amazon Athena, Amazon EMR, and Amazon
Kinesis
Amazon GuardDuty, AWS Security Hub, Amazon
Detective, and Amazon Macie
What to Look for as an Indicator of a Cloud Security
Event
Logs and Monitors
Billing Activity
Partner Tools
AWS Outreach
One-Time Contact
Determining the RCA of a Cloud Security Event
How to Read an AWS Abuse Notice
How to Review Available Logs
How to Review Findings
Chapter Review
Questions
Answers
Additional Resources
Chapter 3 Cloud Security Event Remediation and Planning
Automating Alerts and Remediation
Remediation of a Cloud Security Event
Responding to an AWS Abuse Notice
Exercise 3-1: Automating PHD Alerts Through
Amazon EventBridge
Remediating Compromised EC2 Instances
Exercise 3-2: Automating Compromised Amazon
EC2 Instance Response
Remediating Compromised Security Credentials
 Exercise 3-3: Preventing Accidental Commits of
Sensitive Information to GitHub
Best Practices to Avoid Security Incidents
Utilizing Forward Secrecy and AWS ALBs
Exercise 3-4: Setting Up an AWS Application Load
Balancer with Perfect Forward Secrecy
Utilizing the AWS API Gateway with Throttling and
Caching
Utilizing AWS Systems Manager
Exercise 3-5: Automating Amazon EC2 Commands
Using AWS Systems Manager
Chapter Review
Questions
Answers
Additional Resources
Chapter 4 Monitor with Amazon CloudWatch
Introduction to Monitoring on AWS
Goals of Monitoring
Monitoring the AWS Infrastructure Using Amazon
CloudWatch
CloudWatch Metrics
Exercise 4-1: Publishing Custom Metrics
Exercise 4-2: Finding Your Custom Metric in the
CloudWatch Console
CloudWatch Alarms
Exercise 4-3: Creating a CloudWatch Alarm Based
on a Static Threshold
CloudWatch Events
Exercise 4-4: Creating a CloudWatch Events Rule
Monitoring Applications Using Amazon CloudWatch
Introduction to CloudWatch ServiceLens
Introduction to Amazon CloudWatch Synthetics
Chapter Review
 Questions
Answers
Additional Resources
Chapter 5 Enhanced Security Monitoring and Compliance with
AWS Services
Monitoring Resource Configuration Using AWS Config
Exercise 5-1: Setting Up AWS Config
Config Aggregator
Exercise 5-2: Creating an Aggregator
AWS Config Components
Exercise 5-3: Creating a Managed Rule: Encrypted-
Volume
Exercise 5-4: Creating a Custom Rule
Exercise 5-5: Remediating the Noncompliant
Security Groups
Threat Detection Using Amazon GuardDuty
GuardDuty Data Sources
Enable Amazon GuardDuty
Explore All of GuardDuty’s Findings
Exercise 5-6: Simulating an Attack
Configuring GuardDuty for Multiple Accounts
Discover, Classify, and Protect Sensitive Data with
Amazon Macie
Exercise 5-7: Discovering, Classifying, and
Protecting Sensitive Data Using the New Amazon
Macie
Customize Data Identifiers for Your Intellectual
Property in the New Amazon Macie
Exercise 5-8: Discovering S3 Objects with IP
Addresses Using the New Amazon Macie
Monitoring and Processing Macie Findings in the
New Amazon Macie
Introduction to AWS Security Hub
 Configuring Security Hub for Multiple Accounts
Exercise 5-9: Enabling AWS Security Hub
Review Security Hub Findings
Responding to Security Hub Findings
Introduction to Amazon Trusted Advisor
Monitoring Trusted Advisor Checks
Chapter Review
Questions
Answers
Additional Resources
Chapter 6 Log on AWS
Introduction to Logging on AWS
Log Sources
Overview of AWS Service Logging Capabilities
Implement Governance and Risk Auditing of AWS
Accounts with AWS CloudTrail
AWS CloudTrail Building Blocks
Configuring AWS CloudTrail
Controlling Access to AWS CloudTrail Logs Using
AWS IAM and S3 Bucket Policies
Configure AWS CloudTrail to Deliver Log Files from
Multiple Regions
Sharing CloudTrail Log Files Between AWS
Accounts
Exercise 6-1: Sharing CloudTrail Log Files Between
AWS Accounts
Securing CloudTrail Logs
Validating CloudTrail Log File Integrity
Monitoring CloudTrail Logs with Amazon CloudWatch
Logs
Exercise 6-2: Monitoring Privilege Escalation Using
AWS CloudTrail and Amazon CloudWatch Logs
 Logging Non-API Service Events and Console Sign-
in Events
AWS CloudTrail Notifications
Application and System Monitoring with Amazon
CloudWatch Logs
Amazon CloudWatch Logs Components
CloudWatch Logs Insights
Monitoring Application and System Logs Using the
CloudWatch Logs Agent
Exercise 6-3: Monitoring EC2 Instance Memory
Metrics and Failed SSH Login Attempts Using
Amazon CloudWatch Logs
Logging of AWS Services
VPC Flow Logs
Elastic Load Balancer Access Logs
Amazon CloudFront Access Logs
Amazon S3 Access Logs
Chapter Review
Questions
Answers
Additional Resources
Chapter 7 AWS Cryptographic Services
AWS Key Management Service
AWS KMS Concepts
Key Management, Authentication, and Access
Control
Exercise 7-1: Creating a Symmetric CMK and
Modifying the Key Policy
Exercise 7-2: Scheduling a CMK for Deletion
Symmetric vs. Asymmetric Keys and Uses
Key Rotation
Custom Key Store
Monitoring
 AWS CloudHSM
AWS CloudHSM Use Cases and Concepts
Cluster, User, and Key Management
Exercise 7-3: Setting Up an AWS CloudHSM Cluster
Utilities, Authentication, and Access Control
Software Libraries
Monitoring
Chapter Review
Questions
Answers
Additional Resources
Chapter 8 AWS Cryptographic-Related Services
AWS Secrets Manager
AWS Secrets Manager Concepts
Managing Secrets, Authentication, and Access
Control
Exercise 8-1: Creating a Basic Secret
Exercise 8-2: Modifying a Secret’s Resource-Based
Policy
Rotating and Replicating Secrets
Exercise 8-3: Enabling Secret Rotation for an
Amazon RDS Database
Monitoring
Exercise 8-4: Creating an AWS Config Rule to
Ensure Rotation Is Enabled
AWS Certificate Manager
Public Certificates
Exercise 8-5: Requesting a Public AWS ACM
Certificate
Private Certificates
Exercise 8-6: Setting Up an AWS ACM Private CA
Exercise 8-7: Creating an End-Entity Certificate
from Your AWS ACM Private CA
 Chapter Review
Questions
Answers
Additional Resources
Chapter 9 AWS Cryptographic Tools
AWS Encryption SDK
Concepts
Using Keyrings
Supported Algorithm Suites and Programming
Languages
Data Key Caching
DynamoDB Encryption Client
The Differences Between Client-side and Server-
side
Which Fields Are Encrypted or Signed?
How the Amazon DynamoDB Encryption Client
Works
Concepts
Choosing Your Cryptographic Materials Provider
Supported Programming Languages
Chapter Review
Questions
Answers
Additional Resources
Chapter 10 Design Edge Security on AWS
Introduction
Amazon Route 53
DNS Hosted Zones
Common Attacks on the DNS Service
Amazon CloudFront
Behaviors
Origins
 Alternate Domain Names and SSL Certificates
Using Signed Cookies or Signed URLs to Restrict
Access to Content
Caching Content on Amazon CloudFront
Less Attack Surface
Using Amazon CloudFront to Protect Against DDoS
Attacks
Using CloudFront with S3 Securely
CloudFront Geo Restriction
Lambda@Edge
Amazon API Gateway
REST API
API Gateway Endpoints
API Gateway Integration Types
Request Validation
Throttling
API Gateway Authorization
VPC Link
Custom Domains and TLS Version
Client Certificates
Elastic Load Balancer
Classic Load Balancer
Application Load Balancer
Network Load Balancer
Security Policies and Forward Secrecy
Logging
Server Name Indicator
Authorizing Requests with ALB
ALB vs. NLB
AWS Web Application Firewall
AWS WAF Classic and WAFv2
Common Threats for Web Applications
AWS WAF Classic
Another random document with
no related content on Scribd:
A boa arte de reinar
Em um coração rendido,
A não serdes vós nascido,
Não se pudera imitar:
Vós não podeis ensinar
Com paridades e apodos
Os bons meios e os bons modos,
Com que todo o mundo embaça,
Porque sempre estaes de graça,
Por fazer-nos graça á todos.

O generoso da mão,
O coração varonil,
Onde vos cabe o Brazil,
E sobeja coração:
Com pobres a compaixão,
Com ricos o liberal,
Na amizade tão leal,
Na palavra tão massiço,
Para mim tudo é feitiço,
Sendo tudo natural.
 DESPEDE-SE
O P. DA BAHIA QUANDO FOI DEGRADADO PARA ANGOLA

Adeus, praia; adeus, cidade,

E agora me deverás,
Velhaca, dar eu a Deus
A quem devo ao demo dar.

Quero agora que me devas

Dar-te a Deus, como quem cahe,
Sendo que estás tão cahida,
Que nem Deus te quererá:

Adeus, povo; adeus, Bahia,

Digo canalha infernal,
E não fallo na nobreza,
Tabula era que se não dá.

Porque o nobre emfim é nobre,

Quem honra tem, honra dá,
Picaros dão picardias,
E ainda lhes fica que dar

E tu, cidade, és tão vil,

Que o que em ti quizer campar
Não tem mais do que metter-se
A magano, e campará.

Seja ladrão descoberto,

E qual aguia imperial
Tenha na unha o rapante,
E na vista o prespicaz.
A uns compre, a outros venda,
Que eu lhe seguro o medrar,
Seja velhaco notorio,
E tramoeiro fatal.

Compre tudo e pague nada,

Deva aqui, deva acolá,
Perca o pejo e a vergonha,
E si casar case mal.

Porfiar em ser fidalgo,

Que com tanto se achará:
Si tiver mulher formosa,
Gabe-a por esses poiaes;

De virtuosa talvez,
E de entendida outro tal;
Introduza-se ao burlesco
Nas casas onde se achar.

Que ha donzellas de belisco,

E aos punhos se gastára,
Tracte-lhes um galanteio,
E um....., que é o principal.

Arrime-se a um poderoso,
Que lhe alimente o gargaz,
Que ha pagadores na terra
Tão duros como no mar

A estes faça alguns mandados

A titulo de agradar,
E conserve o affectuoso
Confessando desegual.
Intime-lhe a fidalguia,
Que eu creio que lh’o crerá,
E que fique ella por ella
Quando lhe ouvir outro tal.

Vá visitar os amigos
No engenho de cada qual,
E comendo-os por um pé
Nunca tire o pé de lá.

Que os Brazileiros são bestas,

E estarão a trabalhar
Toda a vida, por manterem
Maganos de Portugal.

Como se vir homem rico,

Tenha cuidado em guardar,
Que aqui honram os mofinos,
E mofam dos liberaes.

No Brazil a fidalguia
No bom sangue nunca está,
Nem no bom procedimento:
Pois logo em que póde estar?

Consiste em muito dinheiro,

E consiste em o guardar,
Cada um a guardar bem,
Para ter que gastar mal.

Consiste em da-lo a maganos

Que o saibam lisongear,
Dizendo que é descendente
Da casa de Villa Real.
Si guardar o seu dinheiro,
Onde quizer casará,
Que os sogros não querem homens,
Querem caixas de guardar.

Não coma o genro, nem vista,

Que esse é genro universal,
Todos o querem por genro,
Genro de todos será.

Oh! assolada veja eu

Cidade tão suja e tal,
Avesso de todo o mundo,
Só direita em se entortar.

Terra, que não se parece

Neste mappa universal
Com outra; e ou são ruins todas,
Ou ella sómente é má.

FIM DO TOMO PRIMEIRO

 INDICE DO TOMO I
Introducção V
Vida do dr. Gregorio de Mattos Guerra pelo 1
licenceado Manuel Pereira Rebello
Aos vicios: tercetos 41
Benze-se o P. de varias acções que 45
observava na sua patria
Reprovações 48
Verdades 53
Justiça que faz o P. na honra hypocrita pelos 67
estragos que anda fazendo na verdadeira
honra
Dialogo entre o Demonio e a Alma 73
Contra os ingratos murmuradores do bem 77
que actualmente recebem da mãe universal,
que os affaga, se queixa a Bahia,
confessando-se das culpas, que lhe dão,
pelos preceitos do Decalogo
Á gente da Bahia 100
Observações criticas sobre varias materias 109
por occasião do cometa apparecido em 1680
A fome que houve na Bahia no anno de 1691 116
Retrato do governador Antonio Luiz da 120
Camara Coutinho
Milagres do Brazil. Ao padre Lourenço 126
Ribeiro, homem pardo, que foi vigario da
freguezia de Passé
A um homem humilde que se metteu a 130
fidalgo
A uma briga que teve certo vigario com um 134
ourives por causa de uma mulata
A prisão de duas mulatas por uma querella 138
que d’ellas deu o celebre capitão Domingos
Cardoso, de alcunha o Mangará, pelo furto
de um papagaio
Epigramma sobre varios assumptos 141
Descreve o P. racional e verdadeiramente 144
queixoso os extravagantes meios com que
os extranhos dominam indignamente sobre
os naturaes na sua patria
Retrato do governador Antonio de Sousa de 154
Menezes, chamado o Braço de Prata: sylva
Ao confessor do arcebispo d. frei João da 159
Madre de Deus
Em 1686 diminuiram aquelle valor a que se 164
havia erguido a moeda quando o P. estava
na côrte, onde então com seu alto juizo
sentiu mal do arbitrista que assim o
aconselhára a el-rei, &
Retrato do padre Damaso da Silva 168
Marinicolas 172
Ao Braço Forte, estando preso por ordem do 180
governador Braço de Prata
Á D. João de Alencastre, que vindo do 185
governo de Angola por escala a Bahia, e
estando nella hospede do governador
Antonio Luiz Gonçalves da Camara
Coutinho, seu cunhado, em cujo desagrado
se achava o P., se queixou de que este o não
houvesse visitado, pedindo-lhe que ao
menos lhe fizesse uma satyra por obsequio
Á João Gonçalves da Camara Coutinho, filho 188
do dito governador Antonio Luiz Gonçalves
da Camara, tomando posse de uma
Companhia de infantes em dia de S. João
Baptista, assistindo-lhe de sargento seu tio
dom João de Alencastre
Á Pedro Alvres da Neiva, quando embarcou 191
para Portugal: romance
No Boqueirão de S. Antonio do Carmo, 197
dentro de uma peça de artilharia
descavalgada esteve muitos dias uma cobra
surucucú assaltando aos que passavam com
morte de varias pessoas, sendo governador
Antonio Luiz Gonçalves da Camara Coutinho
(é este o assumpto da poesia): romance
Á Brites, uma parda dama, vulgarmente 200
chamada Betica, pedindo-lhe cem mil réis:
romance
Á Annica, outra similhante parda, pedindo- 204
lhe um cruzado para pagar uns sapatos:
romance
Á umas moças que costumavam ir a uma 207
roça: romance
Á mulata Joanna Gafeira, estando queixosa 209
do P. a haver satyrisado
Á Damazia, outra mulata que chamava seu 212
um vestido que trazia de sua senhora:
romance
Á uma dama por nome Ignacia Paredes: 215
romance
Á uma moça por nome Barbara: romance 219
Satyrisa allegoricamente a varios ladrões da 223
republica: romance
Ao padre Damaso da Silva: romance 232
Á Bento Pereira: romance 237
Aos cavalleiros que correram na Festa das 239
Virgens no anno de 1685, primeiro do
govêrno do marquez das Minas
Á cavallaria da Festa das Virgens no tempo 249
do governo de João de Alencastre, sendo
juiz Gonçalo Ravasco Cavalcante de
Albuquerque
Chegando o marquez das Minas a governar 264
o Estado com o conde do Prado, seu filho,
tractou logo de alliviar os magnates da
Bahia, chamando-os do desterro em que
padeciam, amedrontados do seu antecessor
pela morte que outros deram ao alcaide mór
Francisco Telles, e por acção de graças lhe
fez o secretario de Estado Bernardo Vieira
Ravasco esta decima, que o P. glozou com
os primeiros costumados metaphoricamente
Á uns clerigos, que indo ao exame do 270
cantochão para ordens sacras na presença
do arcebispo d. João Franco de Oliveira,
desafinaram perturbados
Epistola ao conde do Prado: romance 273
Á tres freiras do Convento da Rosa, todas 277
irmãs, a quem ouviu o auctor cantar, e a uma
tanger rabecão
Á duas moças pardas 280
Á sogra de Gonçalo Dias, mandando-lhes 283
uns sonhos
Á Brites, uma dama pretendida de muitos e 286
de nenhum lograda
Conversa que teve o auctor em uma roça 289
com a mesma dama
Á mesma Brites, arrependida de haver 291
casado
Á uma moça chamada Thereza, de côr 294
trigueira
Á uma dama a quem o P. em certa occasião 296
achou mais formosa do que costumava ver
Á uma dama esquiva 299
Dando uma que da á vista de uma dama, 302
que se entende ser a celebrada Babú
Julga o P. com subtileza a culpa de 305
acontecimentos iniquos no tempo abstracto.
Entende-se ser esta obra satyra ao
governador Antonio de Sousa de Menezes,
por alcunha o Braço de Prata
Á Luiz Cesar de Menezes, governador de 309
Angola, pedindo-lhe de Carconda certo favor
ou despacho por titulos de comedias
Redargue o P. a doutrina ou maxima do bem 312
viver que muitos politicos seguem de
involver-se na confusão de homens perdidos
o nescios, para passarem com menos
incommodo esta humana vida
Descreve o rico feitio de um celebre Gregorio 318
de Negreiros, em que varias vezes falla,
moço com quem gracejava com divertimento
naquelle sitio
Á Henrique da Cunha, chegando do sitio da 321
Itapema á Cajahyba
Pedindo-se a soltura de um mulato á seu 326
senhor
Á Antonia, moça parda de Pernamirim 329
chamada vulgarmente Catona
Á mesma Catona, despedindo-se o auctor de 332
Pernamirim para a villa de S. Francisco
Á Annica, uma mulata da Cajahyba 335
Á uma mulata de Pernamirim chamada Luzia 338
Á Antonia, moça parda, chamada a 341
Marimbonda, que morava na rua da Poeira, e
a viu o P. no Campo da Palma debaixo de
uma urupemba em casa de uma amiga.
Allude ao remedio sympathico de se queimar
a casa dos marimbondos, para se extinguir
logo a dôr das suas picadas
Saudoso de Pernamirim e por occasião de 344
haver visto na villa de S. Francisco, onde
estava, um moleque chamado Moçorongo,
escreve a um amigo d’aquelle sitio: romance
Escreve tambem queixoso a um seu amigo 347
Ignacio, morador em Pernamirim, em quem
falla no romance antecedente: romance
Á Antonio de Andrade, sendo dispenseiro da 351
Misericordia
Ao capitão João Rodrigues dos Reis, homem 354
generoso e alentado, grande amigo do P.
Despede-se o P. da Bahia quando foi 357
degradado para Angola
 Nota
A capa foi criada pelo transcritor e se coloca no dominio publico.
 *** END OF THE PROJECT GUTENBERG EBOOK OBRAS
POETICAS DE GREGORIO DE MATTOS GUERRA - TOMO I ***

Updated editions will replace the previous one—the old editions

will be renamed.

Creating the works from print editions not protected by U.S.

copyright law means that no one owns a United States copyright
in these works, so the Foundation (and you!) can copy and
distribute it in the United States without permission and without
paying copyright royalties. Special rules, set forth in the General
Terms of Use part of this license, apply to copying and
distributing Project Gutenberg™ electronic works to protect the
PROJECT GUTENBERG™ concept and trademark. Project
Gutenberg is a registered trademark, and may not be used if
you charge for an eBook, except by following the terms of the
trademark license, including paying royalties for use of the
Project Gutenberg trademark. If you do not charge anything for
copies of this eBook, complying with the trademark license is
very easy. You may use this eBook for nearly any purpose such
as creation of derivative works, reports, performances and
research. Project Gutenberg eBooks may be modified and
printed and given away—you may do practically ANYTHING in
the United States with eBooks not protected by U.S. copyright
law. Redistribution is subject to the trademark license, especially
commercial redistribution.

START: FULL LICENSE

THE FULL PROJECT GUTENBERG LICENSE
 PLEASE READ THIS BEFORE YOU DISTRIBUTE OR USE THIS WORK

To protect the Project Gutenberg™ mission of promoting the

free distribution of electronic works, by using or distributing this
work (or any other work associated in any way with the phrase
“Project Gutenberg”), you agree to comply with all the terms of
the Full Project Gutenberg™ License available with this file or
online at www.gutenberg.org/license.

Section 1. General Terms of Use and

Redistributing Project Gutenberg™
electronic works
1.A. By reading or using any part of this Project Gutenberg™
electronic work, you indicate that you have read, understand,
agree to and accept all the terms of this license and intellectual
property (trademark/copyright) agreement. If you do not agree to
abide by all the terms of this agreement, you must cease using
and return or destroy all copies of Project Gutenberg™
electronic works in your possession. If you paid a fee for
obtaining a copy of or access to a Project Gutenberg™
electronic work and you do not agree to be bound by the terms
of this agreement, you may obtain a refund from the person or
entity to whom you paid the fee as set forth in paragraph 1.E.8.

1.B. “Project Gutenberg” is a registered trademark. It may only

be used on or associated in any way with an electronic work by
people who agree to be bound by the terms of this agreement.
There are a few things that you can do with most Project
Gutenberg™ electronic works even without complying with the
full terms of this agreement. See paragraph 1.C below. There
are a lot of things you can do with Project Gutenberg™
electronic works if you follow the terms of this agreement and
help preserve free future access to Project Gutenberg™
electronic works. See paragraph 1.E below.
1.C. The Project Gutenberg Literary Archive Foundation (“the
Foundation” or PGLAF), owns a compilation copyright in the
collection of Project Gutenberg™ electronic works. Nearly all the
individual works in the collection are in the public domain in the
United States. If an individual work is unprotected by copyright
law in the United States and you are located in the United
States, we do not claim a right to prevent you from copying,
distributing, performing, displaying or creating derivative works
based on the work as long as all references to Project
Gutenberg are removed. Of course, we hope that you will
support the Project Gutenberg™ mission of promoting free
access to electronic works by freely sharing Project
Gutenberg™ works in compliance with the terms of this
agreement for keeping the Project Gutenberg™ name
associated with the work. You can easily comply with the terms
of this agreement by keeping this work in the same format with
its attached full Project Gutenberg™ License when you share it
without charge with others.

1.D. The copyright laws of the place where you are located also
govern what you can do with this work. Copyright laws in most
countries are in a constant state of change. If you are outside
the United States, check the laws of your country in addition to
the terms of this agreement before downloading, copying,
displaying, performing, distributing or creating derivative works
based on this work or any other Project Gutenberg™ work. The
Foundation makes no representations concerning the copyright
status of any work in any country other than the United States.

1.E. Unless you have removed all references to Project

Gutenberg:

1.E.1. The following sentence, with active links to, or other

immediate access to, the full Project Gutenberg™ License must
appear prominently whenever any copy of a Project
Gutenberg™ work (any work on which the phrase “Project
Gutenberg” appears, or with which the phrase “Project
Gutenberg” is associated) is accessed, displayed, performed,
viewed, copied or distributed:

This eBook is for the use of anyone anywhere in the United

States and most other parts of the world at no cost and with
almost no restrictions whatsoever. You may copy it, give it
away or re-use it under the terms of the Project Gutenberg
License included with this eBook or online at
www.gutenberg.org. If you are not located in the United
States, you will have to check the laws of the country where
you are located before using this eBook.

1.E.2. If an individual Project Gutenberg™ electronic work is

derived from texts not protected by U.S. copyright law (does not
contain a notice indicating that it is posted with permission of the
copyright holder), the work can be copied and distributed to
anyone in the United States without paying any fees or charges.
If you are redistributing or providing access to a work with the
phrase “Project Gutenberg” associated with or appearing on the
work, you must comply either with the requirements of
paragraphs 1.E.1 through 1.E.7 or obtain permission for the use
of the work and the Project Gutenberg™ trademark as set forth
in paragraphs 1.E.8 or 1.E.9.

1.E.3. If an individual Project Gutenberg™ electronic work is

posted with the permission of the copyright holder, your use and
distribution must comply with both paragraphs 1.E.1 through
1.E.7 and any additional terms imposed by the copyright holder.
Additional terms will be linked to the Project Gutenberg™
License for all works posted with the permission of the copyright
holder found at the beginning of this work.

1.E.4. Do not unlink or detach or remove the full Project

Gutenberg™ License terms from this work, or any files
containing a part of this work or any other work associated with
Project Gutenberg™.
 1.E.5. Do not copy, display, perform, distribute or redistribute
this electronic work, or any part of this electronic work, without
prominently displaying the sentence set forth in paragraph 1.E.1
with active links or immediate access to the full terms of the
Project Gutenberg™ License.

1.E.6. You may convert to and distribute this work in any binary,
compressed, marked up, nonproprietary or proprietary form,
including any word processing or hypertext form. However, if
you provide access to or distribute copies of a Project
Gutenberg™ work in a format other than “Plain Vanilla ASCII” or
other format used in the official version posted on the official
Project Gutenberg™ website (www.gutenberg.org), you must, at
no additional cost, fee or expense to the user, provide a copy, a
means of exporting a copy, or a means of obtaining a copy upon
request, of the work in its original “Plain Vanilla ASCII” or other
form. Any alternate format must include the full Project
Gutenberg™ License as specified in paragraph 1.E.1.

1.E.7. Do not charge a fee for access to, viewing, displaying,

performing, copying or distributing any Project Gutenberg™
works unless you comply with paragraph 1.E.8 or 1.E.9.

1.E.8. You may charge a reasonable fee for copies of or

providing access to or distributing Project Gutenberg™
electronic works provided that:

• You pay a royalty fee of 20% of the gross profits you derive from
the use of Project Gutenberg™ works calculated using the
method you already use to calculate your applicable taxes. The
fee is owed to the owner of the Project Gutenberg™ trademark,
but he has agreed to donate royalties under this paragraph to
the Project Gutenberg Literary Archive Foundation. Royalty
payments must be paid within 60 days following each date on
which you prepare (or are legally required to prepare) your
periodic tax returns. Royalty payments should be clearly marked
as such and sent to the Project Gutenberg Literary Archive
Foundation at the address specified in Section 4, “Information
 about donations to the Project Gutenberg Literary Archive
Foundation.”

• You provide a full refund of any money paid by a user who

notifies you in writing (or by e-mail) within 30 days of receipt that
s/he does not agree to the terms of the full Project Gutenberg™
License. You must require such a user to return or destroy all
copies of the works possessed in a physical medium and
discontinue all use of and all access to other copies of Project
Gutenberg™ works.

• You provide, in accordance with paragraph 1.F.3, a full refund of

any money paid for a work or a replacement copy, if a defect in
the electronic work is discovered and reported to you within 90
days of receipt of the work.

• You comply with all other terms of this agreement for free
distribution of Project Gutenberg™ works.

1.E.9. If you wish to charge a fee or distribute a Project

Gutenberg™ electronic work or group of works on different
terms than are set forth in this agreement, you must obtain
permission in writing from the Project Gutenberg Literary
Archive Foundation, the manager of the Project Gutenberg™
trademark. Contact the Foundation as set forth in Section 3
below.

1.F.

1.F.1. Project Gutenberg volunteers and employees expend

considerable effort to identify, do copyright research on,
transcribe and proofread works not protected by U.S. copyright
law in creating the Project Gutenberg™ collection. Despite
these efforts, Project Gutenberg™ electronic works, and the
medium on which they may be stored, may contain “Defects,”
such as, but not limited to, incomplete, inaccurate or corrupt
data, transcription errors, a copyright or other intellectual
property infringement, a defective or damaged disk or other
medium, a computer virus, or computer codes that damage or
cannot be read by your equipment.

1.F.2. LIMITED WARRANTY, DISCLAIMER OF DAMAGES -

Except for the “Right of Replacement or Refund” described in
paragraph 1.F.3, the Project Gutenberg Literary Archive
Foundation, the owner of the Project Gutenberg™ trademark,
and any other party distributing a Project Gutenberg™ electronic
work under this agreement, disclaim all liability to you for
damages, costs and expenses, including legal fees. YOU
AGREE THAT YOU HAVE NO REMEDIES FOR NEGLIGENCE,
STRICT LIABILITY, BREACH OF WARRANTY OR BREACH
OF CONTRACT EXCEPT THOSE PROVIDED IN PARAGRAPH
1.F.3. YOU AGREE THAT THE FOUNDATION, THE
TRADEMARK OWNER, AND ANY DISTRIBUTOR UNDER
THIS AGREEMENT WILL NOT BE LIABLE TO YOU FOR
ACTUAL, DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE
OR INCIDENTAL DAMAGES EVEN IF YOU GIVE NOTICE OF
THE POSSIBILITY OF SUCH DAMAGE.

1.F.3. LIMITED RIGHT OF REPLACEMENT OR REFUND - If

you discover a defect in this electronic work within 90 days of
receiving it, you can receive a refund of the money (if any) you
paid for it by sending a written explanation to the person you
received the work from. If you received the work on a physical
medium, you must return the medium with your written
explanation. The person or entity that provided you with the
defective work may elect to provide a replacement copy in lieu
of a refund. If you received the work electronically, the person or
entity providing it to you may choose to give you a second
opportunity to receive the work electronically in lieu of a refund.
If the second copy is also defective, you may demand a refund
in writing without further opportunities to fix the problem.

1.F.4. Except for the limited right of replacement or refund set

forth in paragraph 1.F.3, this work is provided to you ‘AS-IS’,
WITH NO OTHER WARRANTIES OF ANY KIND, EXPRESS