[Intro] AWS Certified Security - Specialty

dinhtqvn

New Member
The AWS Certified Security – Specialty is intended for individuals who perform a security role with at least two years of hands-on experience securing AWS workloads. The AWS Certified Security - Specialty (SCS-C01) examination is intended for individuals who perform a security role. This exam validates an examinee’s ability to effectively demonstrate knowledge about securing the AWS platform.

Abilities Validated by the Certification​

  • An understanding of specialized data classifications and AWS data protection mechanisms
  • An understanding of data encryption methods and AWS mechanisms to implement them
  • An understanding of secure Internet protocols and AWS mechanisms to implement them
  • A working knowledge of AWS security services and features of services to provide a secure production environment
  • Competency gained from two or more years of production deployment experience using AWS security services and features
  • Ability to make tradeoff decisions with regard to cost, security, and deployment complexity given a set of application requirements
  • An understanding of security operations and risk

Recommended Knowledge and Experience​

  • At least two years of hands-on experience securing AWS workloads
  • Security controls for workloads on AWS
  • A minimum of five years of IT security experience designing and implementing security solutions

Prepare for Your Exam​

There is no better preparation than hands-on experience. There are many relevant AWS Training courses and other resources to assist you with acquiring additional knowledge and skills to prepare for certification. Please review the exam guide for information about the competencies assessed on the certification exam.

Content Outline
This exam guide includes weightings, test domains, and objectives only. It is not a comprehensive listing of the content on this examination. The table below lists the main content domains and their weightings.

Domain 1: Incident Response
1.1 Given an AWS abuse notice, evaluate the suspected compromised instance or exposed access keys.
1.2 Verify that the Incident Response plan includes relevant AWS services.
1.3 Evaluate the configuration of automated alerting, and execute possible remediation of security-related incidents and emerging issues.
Domain 2: Logging and Monitoring
2.1 Design and implement security monitoring and alerting.
2.2 Troubleshoot security monitoring and alerting.
2.3 Design and implement a logging solution.
2.4 Troubleshoot logging solutions.
Domain 3: Infrastructure Security
3.1 Design edge security on AWS.
3.2 Design and implement a secure network infrastructure.
3.3 Troubleshoot a secure network infrastructure.
3.4 Design and implement host-based security.
Domain 4: Identity and Access Management
4.1 Design and implement a scalable authorization and authentication system to access AWS resources.
4.2 Troubleshoot an authorization and authentication system to access AWS resources.
Domain 5: Data Protection
5.1 Design and implement key management and use.
5.2 Troubleshoot key management.
5.3 Design and implement a data encryption solution for data at rest and data in transit.
 
Top