Amazon Web Services SCS-C01 Practice Exam Dumps 2025

A Web Administrator for the website example.com has created an Amazon CloudFront distribution for dev.example.com, with a requirement to configure HTTPS using a custom TLS certificate imported to IAM Certificate Manager.

Which combination of steps is required to ensure availability of the certificate in the CloudFront console? (Choose two.)

Options:

Call UploadServerCertificate with /cloudfront/dev/ in the path parameter.

Import the certificate with a 4,096-bit RSA public key.

Ensure that the certificate, private key, and certificate chain are PKCS #12-encoded.

Import the certificate in the us-east-1 (N. Virginia) Region.

Ensure that the certificate, private key, and certificate chain are PEM-encoded.

Buy Now

Question 2

A security engineer has enabled IAM Security Hub in their IAM account, and has enabled the Center for internet Security (CIS) IAM Foundations compliance standard. No evaluation results on compliance are returned in the Security Hub console after several hours. The engineer wants to ensure that Security Hub can evaluate their resources for CIS IAM Foundations compliance.

Which steps should the security engineer take to meet these requirements?

Options:

Add full Amazon Inspector IAM permissions to the Security Hub service role to allow it to perform the CIS compliance evaluation

Ensure that IAM Trusted Advisor Is enabled in the account and that the Security Hub service role has permissions to retrieve the Trusted Advisor security-related recommended actions

Ensure that IAM Config. is enabled in the account, and that the required IAM Config rules have been created for the CIS compliance evaluation

Ensure that the correct trail in IAM CloudTrail has been configured for monitoring by Security Hub and that the Security Hub service role has permissions to perform the GetObject operation on CloudTrails Amazon S3 bucket

Question 3

A company has a compliance requirement to rotate its encryption keys on an annual basis. A Security Engineer needs a process to rotate the KMS Customer Master Keys (CMKs) that were created using imported key material.

How can the Engineer perform the key rotation process MOST efficiently?

Options:

Create a new CMK, and redirect the existing Key Alias to the new CMK

Select the option to auto-rotate the key

Upload new key material into the existing CMK.

Create a new CMK, and change the application to point to the new CMK

Month End Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Amazon Web Services Related Exams

Verified By IT Certified Experts

CertsTopics.com Certified Safe Files

Up-To-Date Exam Study Material

99.5% High Success Pass Rate

100% Accurate Answers

Instant Downloads

Exam Questions And Answers PDF

Try Demo Before You Buy

AWS Certified Security - Specialty Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce