Amazon

SCS-C01 AWS Certified Security - Specialty

Use original educational practice content, randomized simulator sessions, score history and explanation review for SCS-C01.

Practice questions are provided in English to match the language commonly used in IT certification exams.

QZ9 is an independent training platform. All practice questions are original and created for educational purposes only. We do not provide unauthorized vendor exam content. Microsoft, AWS, Cisco, CompTIA, PMI and other trademarks belong to their respective owners.

VendorAmazon
CodeSCS-C01
Duration170 minutes
Questions65
Exam facts

Objective-based preparation without unauthorized content

Certification metadata is preserved from the legacy QZ9 catalog. Questions remain English-only.

Start Practice Test
1Find your exam
2Start the simulator
3Review results
QZ9Independent training platform
Free question preview

Exam simulator

Practice questions are provided in English to match the language commonly used in IT certification exams.

Question 1

The Security team believes that a former employee may have gained unauthorized access to AWS resources sometime in the past 3 months by using an identified access key. What approach would enable the Security team to find out what the former employee may have done within AWS?

Question 2

A company is storing data in Amazon S3 Glacier. The security engineer implemented a new vault lock policy for 10TB of data and called initiate-vault-lock operation 12 hours ago. The audit team identified a typo in the policy that is allowing unintended access to the vault. What is the MOST cost-effective way to correct this?

Question 3

A company wants to control access to its AWS resources by using identities and groups that are defined in its existing Microsoft Active Directory. What must the company create in its AWS account to map permissions for AWS services to Active Directory user attributes?

Question 4

A company has contracted with a third party to audit several AWS accounts. To enable the audit, cross-account IAM roles have been created in each account targeted for audit. The Auditor is having trouble accessing some of the accounts. Which of the following may be causing this problem? (Choose three.)

Question 5

Compliance requirements state that all communications between company on-premises hosts and EC2 instances be encrypted in transit. Hosts use custom proprietary protocols for their communication, and EC2 instances need to be fronted by a load balancer for increased availability. Which of the following solutions will meet these requirements?