Amazon Web ServicesSCS-C03Specialty

AWS Certified Security - Specialty

Independent, adaptive preparation aligned to the published SCS-C03 exam blueprint. Learn to explain and apply the technology, not just memorize enough to pass.

See plans from $29

Take the official exam through Amazon Web Services or its authorized delivery partner. SkillsTech Certified does not administer the exam or issue the Amazon Web Services credential.

Track at a glance

Exam code
SCS-C03
Version
SCS-C03
Level
Specialty
Blueprint domains
6
Lessons
9
Original practice questions
260
Flashcards
139
Last reviewed
2026-07-14
Next scheduled review
2026-10-14
Blueprint facts are re-verified against the official exam guide on the review schedule above.
Exam blueprint

Domains & weights

Every lesson and question is mapped to a domain and objective below, and every attempt records the exam version it was answered under.

Domain 1: Detection

16% of exam

Published weight 16%. Designing and implementing threat detection, monitoring, and analysis using AWS security services (GuardDuty, Security Hub, Detective, Inspector, Macie).

  • Design and implement threat detection and monitoring (GuardDuty, Security Hub, Detective, Inspector)

Domain 2: Incident Response

14% of exam

Published weight 14%. Designing and implementing incident response: playbooks, automated remediation, forensics, and containment.

  • Design and implement incident response (playbooks, automation, forensics, containment/remediation)

Domain 3: Infrastructure Security

18% of exam

Published weight 18%. Designing edge and network security (WAF, Shield, VPC design, firewalls, endpoints) and securing compute (EC2, containers, patching, hardening).

  • Design edge and network security (WAF, Shield, VPC, security groups/NACLs, endpoints)
  • Secure compute workloads (EC2, containers, patching, hardening, host protection)

Domain 4: Identity and Access Management

20% of exam

Published weight 20%. Designing authentication and access (IAM, IAM Identity Center, federation, STS) and troubleshooting/analyzing authorization (policies, permission boundaries, SCPs, access analyzer).

  • Design authentication and access (IAM, IAM Identity Center, federation, STS, roles)
  • Troubleshoot and analyze authorization (policies, permission boundaries, SCPs, IAM Access Analyzer)

Domain 5: Data Protection

18% of exam

Published weight 18%. Designing encryption and key management (KMS, CloudHSM, ACM, Secrets Manager) and protecting data at rest and in transit including sensitive data (Macie, S3 controls).

  • Design encryption and key management (KMS, CloudHSM, ACM, Secrets Manager)
  • Protect data at rest and in transit and sensitive data (Macie, S3 controls, tokenization)

Domain 6: Security Foundations and Governance

14% of exam

Published weight 14%. Implementing security governance and compliance across accounts (Organizations, SCPs, Config, Control Tower, Audit Manager, cost/logging).

  • Implement security governance and compliance (Organizations, Config, Control Tower, Audit Manager)

Source & provenance

  • AWS Certified Security - Specialty (SCS-C03) exam guide: official source (retrieved 2026-07-14)
  • AWS Certified Security - Specialty: official source (retrieved 2026-07-14)

SkillsTech Certified is an independent certification-training and exam-preparation platform. Certification exams and official credentials are administered and issued by their respective providers. SkillsTech Certified is not affiliated with, endorsed by, or sponsored by AWS, Microsoft, Google, or any certification provider. Product names, certification names, and trademarks belong to their respective owners.

Related certifications

CompTIA
CompTIA Security+
SY0-701
ISC2
CISSP - Certified Information Systems Security Professional
CISSP
Skills Tech Certified
SkillsTech Certified AI-Era Software Engineer Associate
AIESE-1