Share if you liked:
[New 2022] Practice Exams to test your knowledge and pass your AWS Certified Security Speciality [SCS-C01]
What you'll learn
Requirements
Description
Introduction
The AWS Certified Security Specialty (SCS-C01) examination is intended for individuals who perform a security role.
This exam validates an examinee’s ability to effectively demonstrate knowledge about securing the AWS platform. It validates an examinee’s ability to demonstrate:
An understanding of specialized data classifications and AWS data protection mechanisms.
An understanding of data-encryption methods and AWS mechanisms to implement them.
An understanding of secure Internet protocols and AWS mechanisms to implement them.
A working knowledge of AWS security services and features of services to provide a secure production environment.
Competency gained from two or more years of production deployment experience using AWS security services and features.
The ability to make tradeoff decisions with regard to cost, security, and deployment complexity given a set of application requirements.
An understanding of security operations and risks.
Exam Content
Domain 1: Incident Response
Given an AWS abuse notice, evaluate the suspected compromised instance or exposed access keys.
Preparation stages for incident response
Mitigation steps to perform Incident response steps
Verify that the Incident Response plan includes relevant AWS services.
Dealing with exposed access keys
Evaluated suspected compromised EC2 Instances
Evaluate the configuration of automated alerting, and execute possible remediation of security-related incidents and emerging issues.
AWS Guard duty
Penetration testing
Domain 2: Logging and Monitoring
Design and implement security monitoring and alerting.
Design and implement a logging solution.
Continuous Security Monitoring
Introduction to Vulnerability Assessment
AWS Inspector
AWS Inspector Assessment targets
AWS EC2 systems manager
AWS Config
Understanding CloudWatch
VPC Flow Logs
CloudWatch Events
AWS Cloud Trail
AWS Macie
AWS Detective
AWS Security Hub
S3 Event notifications
Trusted advisor recommendations
Troubleshoot security monitoring and alerting.
Troubleshoot logging solutions.
Domain 3: Infrastructure Security
Design edge security on AWS.
Design and implement a secure network infrastructure.
AWS Organizations
Managing OUs
CloudFront
AWS CloudFront Custom SSL
Firewalls
Security groups
Network ACLs
IPS/IDS concepts in cloud
AWS Web Application Firewall (WAF)
AWS Shield concepts
DDoS Mitigation
Network Segmentation
Bastion Hosts
Virtual Private Cloud (VPC)
VPC Endpoints
EC2 Tenancy
Compliance Frameworks
AWS lambda fundamentals
AWS Simple Email Service
AWS Route53 DNS
Troubleshoot a secure network infrastructure
Design and implement host-based security
Domain 4: Identity and Access Management
Design and implement a scalable authorization and authentication system to access AWS resources.
Understand the Principle of Least Privilege
IAM Policies
IAM JSON Policy Elements
IAM Roles
IAM Permission boundaries
Evaluating effective permissions
Understanding Delegation
Cross account policies & roles
Understanding Federation
AWS Directory services
AWS Organizations
Single Sign-On
SAML Overview Concepts
S3 Security
Cross Account S3 access
S3 Versioning
S3 MFA delete
AWS License manager
Troubleshoot an authorization and authentication system to access AWS resources.
Domain 5: Data Protection
Design and implement key management and use
Cryptography fundamentals
Cloud Hardware Security Module (HSM)
AWS Key Management Service (KMS)
Envelope Encryption
KMS Authentication and Access Control
CloudTrail and Encryption
EBS Architecture and Secure Data Wiping
S3 Encryption
AWS Certificate Manager
ELB- ALB and NLB
Docker and container security fundamentals
AWS Glacier
Troubleshoot key management.
Design and implement a data encryption solution for data at rest and data in transit.
Who this course is for:
You should keep in mind that the Coupons last a maximum of 4 days or until 1000 registrations are exhausted, but it can expire anytime. Get the course with coupon by clicking on the following button:
