Amazon Web Services Related Exams
SCS-C02 Exam
Key domains include:
Incident Response
Logging and Monitoring
Infrastructure Security
Identity and Access Management
Data Protection
Secure Design and Implementation
The SCS-C02 certification is all about protecting AWS environments—think encryption, access control, threat detection, and compliance. On the other hand, the ANS-C01 certification dives deep into network architecture—including hybrid setups, routing protocols, and secure connectivity.
A company uploads data files as objects into an Amazon S3 bucket. A vendor downloads the objects to perform data processing.
A security engineer must implement a solution that prevents objects from residing in the S3 bucket for longer than 72 hours.
Which solution will meet this requirement?
A company uses AWS Organizations to manage a small number of AWS accounts. However, the company plans to add 1 000 more accounts soon. The company allows only a centralized security team to create IAM roles for all AWS accounts and teams. Application teams submit requests for IAM roles to the security team. The security team has a backlog of IAM role requests and cannot review and provision the IAM roles quickly.
The security team must create a process that will allow application teams to provision their own IAM roles. The process must also limit the scope of IAM roles and prevent privilege escalation.
Which solution will meet these requirements with the LEAST operational overhead?
A company must retain backup copies of Amazon RDS DB instances and Amazon Elastic Block Store (Amazon EBS) volumes. The company must retain the backup copies in data centers that are several hundred miles apart.
Which solution will meet these requirements with the LEAST operational overhead?