Skip to product information
1 of 3

79% Off Practice Exams | AWS Certified Security – Specialty | Udemy Review & Coupon

79% Off Practice Exams | AWS Certified Security – Specialty | Udemy Review & Coupon

Prepare for your SCS-C01 exam. This resource includes 100 practice test questions that have been written from scratch and comes with detailed explanations.

This course covers:

If you're preparing for the AWS Certified Security – Specialty exam, it can be daunting to know where to start. Fortunately, there are two practice tests available that can help you better prepare for the actual exam. Many of these tests are designed to replicate the same format and question types that will appear on the real exam. Furthermore, they are now accessible on mobile devices so you can practice anytime, anywhere.

About the author

Stephane Maarek

Stephane is a professional with expertise in solutions architecture, consulting, and software development, with a focus on Big Data, Cloud, and API. He is a highly successful instructor on Udemy, with bestselling courses on AWS and Apache Kafka.

Stéphane is an AWS Hero and holds certifications as an AWS Certified Solutions Architect Professional and AWS Certified DevOps Professional. He enjoys instructing individuals on the proper use of AWS, preparing them for their certifications and real-world applications.

In addition, he has a strong affinity for Apache Kafka. He is a member of the 2019 Program Committee responsible for organizing the Kafka Summit in New York, London, and San Francisco. He participates actively in the Apache Kafka community, writing blog posts on Medium and contributing a guest blog for Confluent.

Abhishek Singh

Abhishek has created an extensive library of AWS Certified Security – Specialty practice exams to help IT professionals be ready for the actual AWS Certification Exam. These practice exams are designed to provide comprehensive coverage of all the topics covered in the exam and also test the candidate’s knowledge and understanding of how to use AWS services to design secure systems, access management, and encryption technologies. The practice exams come with detailed explanations and links to official AWS documentation for further reading.

He is an experienced and certified cloud practitioner in the Amazon Web Services (AWS) space. He is highly qualified to lead teams of any size in designing, developing, and managing AWS-based solutions.

Abhishek has more than 14 years of experience working with various enterprise technologies focused on machine learning, big data, and analytics. He operates a thriving consultancy specializing in ML and Big Data, promoting AWS Cloud solutions and providing guidance to numerous US clients in designing and executing their ML and Big Data solutions with the AWS range of services.


The quality of something can often be self-evident.


A mid-sized company has implemented Amazon GuardDuty to oversee its AWS environment for potential security risks. The security team detected a significant amount of RDP brute force attacks coming from an Amazon EC2 instance and implemented measures to prevent potential problems. The security engineer at the company was given the responsibility of setting up an automated solution that could prevent any suspicious activity until the matter was analyzed and resolved.

What solution would be recommended for the security engineer to implement?

Configure Security Hub's ingestion of GuardDuty findings and transmission of events via EventBridge onto Kinesis Data Streams. To prevent traffic to and from the suspicious instance, update the security group to have no inbound or outbound rules and configure Kinesis Data Analytics to process the data stream.

Utilize Security Hub for ingestion of GuardDuty findings, sending events through EventBridge for triggering a Lambda function that updates the WAF web ACL, effectively blocking traffic from or towards the suspicious instance.

Configure Security Hub to receive GuardDuty findings, transmit events to EventBridge and activate a Lambda function that modifies network ACL rules to prevent traffic to/from the identified suspicious instance.

The process involves Security Hub consuming GuardDuty discoveries and transmitting occurrences to Kinesis Data Streams through EventBridge. The Lambda function has been configured to process the data stream and prevent traffic to/from the suspicious instance by modifying the security group's inbound and outbound rules.

Can you provide your estimation? Please scroll down to find the answer.

Correct: 4.


The process involves having Security Hub take in GuardDuty findings and sending events to Kinesis Data Streams through EventBridge. The Lambda function is set up to handle the data stream and prevent traffic to and from the suspicious instance by modifying the security group to remove its inbound and outbound rules configurations.

AWS Security Hub offers a holistic perspective of your security status in AWS and allows you to assess your surroundings according to security industry standards and best practices.

Security Hub gathers security data from various sources within AWS accounts, services (e.g. GuardDuty), and third-party partner products, enabling you to analyze security trends and detect critical security concerns.

How Security Hub works:

By utilizing the integration between Amazon EventBridge and Security Hub, AWS services can be automated to respond to system events such as application availability problems or resource modifications. Events generated by AWS services are reliably and quickly transmitted to EventBridge. It is possible to create basic guidelines to specify the desired events and automated tasks to execute when an event aligns with a guideline. The list of automatically triggered actions includes the following options.

Executing an AWS Lambda function.

Executing the Amazon EC2 run command.

The event is being transmitted to Amazon Kinesis Data Streams.

To initiate a state machine in AWS Step Functions.

The process of notifying an Amazon SNS topic or an Amazon SQS queue is a standard procedure.

Transferring a discovery to external ticketing, chat, SIEM, or incident response and management platform.

One possible approach to processing Security Hub events in Kinesis Data Streams involves utilizing a Lambda function that monitors any instances of `UnauthorizedAccess: EC2/RDPBruteForce` findings from GuardDuty that are transmitted through Security Hub. According to this discovery, an EC2 instance in your AWS environment was part of a brute force attack that targeted passwords for RDP services on Windows-based systems. The occurrence may suggest that your AWS resources have been accessed without authorization. The Lambda function has the capability to prevent traffic to and from a suspicious instance by modifying the security group and removing all inbound and outbound rules when it detects a matching finding.

Incorrect options:

To enhance security, it is recommended that Security Hub receive GuardDuty findings and send events via EventBridge. This will trigger a Lambda function that updates the WAF web ACL, blocking traffic from/to the suspicious instance. It should be noted that the WAF web ACL can only be applied on certain resource types, such as CloudFront distribution, Amazon's RESTful APIs, Application Load Balancer, AWS AppSync GraphQL APIs, and Amazon Cognito user pool. The use of AWS WAF enables control over the response of protected resources to HTTP(S) web requests. The use case pertains to RDP brute force attacks originating from an EC2, rendering the use of WAF web ACL irrelevant as it is incapable of monitoring traffic originating from an EC2.

To prevent traffic to/from a suspicious instance, a Lambda function can be triggered by EventBridge after Security Hub ingests GuardDuty findings. However, it is important to note that using Network ACL rules would affect all instances in a subnet. The traffic will not be isolated solely for suspicious instances. Therefore, this choice is not correct.

Configure the Security Hub to receive GuardDuty findings and transmit events to Kinesis Data Streams through EventBridge. Kinesis Data Analytics may be configured to process data streams and prevent traffic to/from a suspicious instance by modifying the security group's inbound and outbound rules. This can be done using Amazon Kinesis Data Analytics, which utilizes Apache Flink to analyze and transform streaming data in real time. Apache Flink is a framework and engine for processing data streams that is open-source. Kinesis Data Analytics simplifies the process of creating, overseeing, and incorporating Apache Flink applications with other AWS services. It has been noted that Kinesis Data Analytics is not a viable tool for updating instance, security groups.

These practice exams are designed to assist you in preparing for your AWS Certified Security - Specialty exam.

There are no restrictions on the number of times you may retake the exams.

This question bank is extensive and unique.

Instructors are available to provide support if you have any questions.

Every question is accompanied by a thorough explanation.

The Udemy app is compatible with mobile devices.

We offer a 30-day money-back guarantee for dissatisfaction.

We hope that at this point you have reached a conclusion. The course contains numerous additional questions.

Wishing you success in your AWS Certified Security - Specialty SCS-C01 exam and a productive learning journey.

This course is intended for:

This course is designed for individuals who are preparing for the AWS Certified Security Specialty SCS-C01 exam.


View full details

Skills for your future

Courses start at just $13.99