Free Amazon SCS-C03 Exam Questions
Absolute Free SCS-C03 Exam Practice for Comprehensive Preparation
-
Amazon SCS-C03 Exam Questions
-
Provided By: Amazon
- Exam: AWS Certified Security - Specialty
- Certification: AWS Certified Security
-
Total Questions: 178
-
Updated On: May 23, 2026
-
Rated: 4.9 |
-
Online Users: 356
-
Question 1
-
A company is building a secure solution that relies on an AWS Key Management Service (AWS KMS)
customer managed key. The company wants to allow AWS Lambda to use the KMS key. However, the
company wants to prevent Amazon EC2 from using the key.
Which solution will meet these requirements?
Answer: B
-
A company is building a secure solution that relies on an AWS Key Management Service (AWS KMS)
customer managed key. The company wants to allow AWS Lambda to use the KMS key. However, the
company wants to prevent Amazon EC2 from using the key.
Which solution will meet these requirements?
-
Question 2
-
A company needs to scan all AWS Lambda functions for code vulnerabilities.
Answer: B
-
A company needs to scan all AWS Lambda functions for code vulnerabilities.
-
Question 3
-
A company is building a secure solution that relies on an AWS Key Management Service (AWS KMS)
customer managed key. The company wants to allow AWS Lambda to use the KMS key. However, the
company wants to prevent Amazon EC2 from using the key.
Which solution will meet these requirements?
Answer: B
-
A company is building a secure solution that relies on an AWS Key Management Service (AWS KMS)
customer managed key. The company wants to allow AWS Lambda to use the KMS key. However, the
company wants to prevent Amazon EC2 from using the key.
Which solution will meet these requirements?
-
Question 4
-
A company is building a secure solution that relies on an AWS Key Management Service (AWS KMS)
customer managed key. The company wants to allow AWS Lambda to use the KMS key. However, the
company wants to prevent Amazon EC2 from using the key.
Which solution will meet these requirements?
Answer: B
-
A company is building a secure solution that relies on an AWS Key Management Service (AWS KMS)
customer managed key. The company wants to allow AWS Lambda to use the KMS key. However, the
company wants to prevent Amazon EC2 from using the key.
Which solution will meet these requirements?
-
Question 5
-
A company is using AWS to run a long-running analysis process on data that is stored in Amazon S3 buckets.
The process runs on a fleet of Amazon EC2 instances in an Auto Scaling group. The EC2 instances are
deployed in a private subnet that does not have internet access.
The EC2 instances access Amazon S3 through an S3 gateway endpoint that has the default access policy.
Each EC2 instance uses an instance profile role that allows s3:GetObject and s3:PutObject only for required
S3 buckets.
The company learns that one or more EC2 instances are compromised and are exfiltrating data to an S3
bucket that isoutside the company’s AWS Organization. The processing job must continue to function.
Which solution will meet these requirements?
Answer: A
-
A company is using AWS to run a long-running analysis process on data that is stored in Amazon S3 buckets.
The process runs on a fleet of Amazon EC2 instances in an Auto Scaling group. The EC2 instances are
deployed in a private subnet that does not have internet access.
The EC2 instances access Amazon S3 through an S3 gateway endpoint that has the default access policy.
Each EC2 instance uses an instance profile role that allows s3:GetObject and s3:PutObject only for required
S3 buckets.
The company learns that one or more EC2 instances are compromised and are exfiltrating data to an S3
bucket that isoutside the company’s AWS Organization. The processing job must continue to function.
Which solution will meet these requirements?