عراب ال IT 
امتحانات دوليه
AWS Certified Security – Specialty
About the Certification
This is an advanced AWS certification that validates a professional’s ability to secure cloud infrastructures, protect data, manage identity and access, monitor activities, and enforce security controls at scale within AWS. The certification focuses on advanced security domains such as encryption using AWS KMS, advanced IAM, governance, network protection, log monitoring, incident response, and securing multi-account AWS environments. The AWS Certified Security – Specialty certification is designed for AWS engineers who want deep specialization in cloud security.
Main Curriculum
The curriculum is divided into six main sections
- Identity and Access Management
-
- Advanced IAM (roles, policies, federation)
- Principle of least privilege and access patterns
- Secrets management
- Cross-account access
- Detection and Incident Response
-
- AWS CloudTrail and CloudWatch
- Amazon GuardDuty and Detective
- Automated incident response
- Digital forensics fundamentals
- Data Protection and Encryption
-
- Encryption at rest and in transit
- AWS KMS and CloudHSM
- Key management strategies
- Data classification and protection
- Infrastructure Security
-
- Secure VPC design
- Network segmentation
- DDoS protection (AWS Shield)
- Network firewall concepts
- Governance, Risk, and Compliance
-
- Compliance frameworks
- Security policies and controls
- Audit readiness
- Shared Responsibility Model
- Application Security
-
- Secure application architectures
- API security
- Secure CI/CD pipelines
- Vulnerability management
Exam Details
- Exam code: SCS-C02
- Duration: 170 minutes
- Number of questions: 65
- Question types: Multiple-choice and multiple-response
- Language: English
- Passing score: 750 out of 1000
- Exam fee: USD 300 (may vary by country and may include taxes)
- Certification validity: 3 years
Do I need certifications before it ?
No, not at all.
However, it is strongly recommended to have 1–2 years of solid hands-on AWS experience, with excellent knowledge of IAM, networking, and encryption mechanisms.
Holding an Associate-level certification such as SAA-C03 (Solutions Architect – Associate) or SOA-C02 (SysOps Administrator – Associate) is highly recommended before pursuing this advanced specialization.
Which certifications are recommended after this one ?
Not mandatory. However, for professionals seeking a strong path in securing AWS environments particularly in identity and access management, data protection, threat detection, and incident response the AWS Certified Security – Specialty certification is the strongest specialization.
What are the main career uses of the AWS Certified Security – Specialty ?
- CISSP for transitioning into strategic and leadership roles in information security.
- CCSP for deep specialization in multi-cloud security.
- AWS Advanced Networking – Specialty to strengthen expertise in secure and complex AWS networking.
- DevSecOps (Security Automation / CI/CD Security) to integrate security into development and operations pipelines.
- Cloud Incident Response / Threat Detection for specialization in cloud threat hunting and incident response.
- Multi-Cloud Security (Azure / GCP) to expand security expertise beyond AWS.
Your Step Toward Cloud Security Mastery :
The SCS-C02 certification represents the deepest specialization in AWS security. It equips you with advanced capabilities to secure cloud infrastructures, manage identities, protect sensitive data, and monitor environments with a high level of professional expertise.
Who is this certification suitable for ?
- Cloud Security Engineers working in AWS environments.
- Professionals managing enterprise-scale IAM with advanced policies.
- Engineers working with encryption, KMS, and sensitive data protection.
- Security professionals operating CloudTrail, GuardDuty, and Inspector.
- Engineers dealing with complex networking setups (VPC, WAF, Shield, NACLs, Security Groups).
- Anyone aiming to specialize deeply in Cloud Security.