AWS Certified Security Specialty (SCS-C03) - 340 Questions

By Webmaster Certland

Practice exam for the AWS Certified Security Specialty (SCS-C03). Covers threat detection, incident response, infrastructure security, identity and access management, data protection, and security foundations and governance.

👁️ Free Preview (5 of 340 questions)

1. A security engineer needs to enable threat detection for an AWS account. The engineer wants to automatically detect when an EC2 instance is communicating with known malicious IP addresses. Which AWS service should the engineer enable to accomplish this with the least operational overhead?

A Enable Amazon GuardDuty for the AWS account.
B Enable AWS Security Hub and configure CIS AWS Foundations Benchmark standard.
C Enable Amazon Inspector and configure network reachability assessments.
D Enable VPC Flow Logs and store them in Amazon S3 for analysis.

2. A company has enabled Amazon GuardDuty across all regions in their AWS Organization. The security team receives a GuardDuty finding of type UnauthorizedAccess:IAMUser/ConsoleLoginSuccess.B. What does this finding indicate?

A An IAM user failed to log in to the AWS Management Console multiple times from an unusual location.
B An IAM user successfully logged in to the AWS Management Console from a Tor exit node or anonymizing proxy.
C The AWS root account logged in to the AWS Management Console.
D An IAM user made programmatic API calls using temporary credentials from an unusual region.

3. A security team wants to use Amazon GuardDuty to monitor Amazon S3 buckets for threats such as unusual data access patterns and potential data exfiltration. Which GuardDuty feature must be enabled to support S3 protection?

A Enable Amazon Macie and configure it to analyze S3 bucket access logs.
B Enable Amazon Inspector and configure it to assess S3 bucket policies.
C Enable GuardDuty S3 Protection to analyze S3 CloudTrail data events.
D Enable S3 Server Access Logging and forward the logs to GuardDuty.

4. A company uses AWS Security Hub to centralize security findings. The security operations team wants to automatically send high-severity findings to their ticketing system. Which combination of services provides the most straightforward solution?

A Configure Security Hub to send findings to Amazon EventBridge, then create an EventBridge rule to trigger an AWS Lambda function that calls the ticketing system API.
B Configure AWS Config to evaluate Security Hub findings and trigger a Lambda function to create tickets.
C Configure Amazon GuardDuty to route Security Hub findings to Lambda for ticket creation.
D Enable AWS CloudTrail to capture Security Hub events and trigger a Lambda function for each high-severity event.

5. A security engineer wants to classify sensitive data stored in Amazon S3 buckets across a company's AWS account and identify buckets that contain personally identifiable information (PII). Which AWS service is purpose-built for this task?

A Enable Amazon GuardDuty with S3 Protection enabled.
B Enable AWS Config and create a rule to evaluate S3 bucket contents.
C Enable Amazon Inspector and configure it to scan S3 buckets for sensitive data.
D Enable Amazon Macie and run a discovery job against the S3 buckets.

Information

Questions: 340
Time: 2h 50min
Difficulty: Hard
Minimum Score: 75.00%
