Certified Cloud Security Practitioner–AWS

Certified Cloud Pentesting eXpert-AWS

Certified Cloud Security Practitioner–AWS
(CCSP-AWS)

Certified Cloud Security Practitioner (CCSP-AWS) is an entry-level exam to test and validate a candidate’s knowledge on the core concepts of AWS cloud security.

  • MCQ
  • 1 Hour
  • Online
  • On-demand
  • Factual and Scenario based questions
£100

Our Candidates Say it Best

Shreyash Kumar

Cyber Security Enthusiast | CSE @ KIIT | Nokia HoF[ x2 ] | CCSP-AWS @The SecOps Group | CCSP-AWS

I am grateful to share that I have achieved the Certified Cloud Security Practitioner-AWS (CCSP-AWS) certification from The SecOps Group. Key Topics Covered: 1. Identity & Access Management (IAM, Cognito, SCP), 2. Data Security (KMS, Secrets Manager, Certificate Manager), 3. Infrastructure Security (VPC, Security Groups, Network ACL, Load Balancer), 4. Monitoring & Incident Response (CloudWatch, CloudTrail, Detective), 5. Common Security Issues & Best Practices (ECS, EKS, EC2, S3, Lambda). Thank you The SecOps Group and Sumit Siddharth sir for the exam voucher. It was a challenging but valuable learning experience.

Jeremías Esteban Castillo Morillo

Jeremías Esteban Castillo Morillo

Red Team Operator | DFIR | CSIRT | SOC Analyst | Cybersecurity | CCSP-AWS

To test the knowledge acquired, I took a 60-question theoretical exam offered by The SecOps Group, known for its high-quality assessments. I was pleasantly surprised by the way the questions addressed real situations and practical scenarios that any professional can face when managing cloud infrastructures. Not only did this exam allow me to validate my skills, but it also provided me with valuable insights that perfectly complement my daily work.

Sahil Sharma

Security Researcher | CCSP-AWS

Delighted to share that I've successfully passed the Certified Cloud Security Practitioner–AWS (CCSP-AWS) Exam with merit! 🏅 🎉 This certification offered by The SecOps Group validates the understanding of AWS security principles and CSPM through practical scenario-based questions.

Who should take this exam?

Certified Cloud Security Practitioner CCSP-AWS is intended to be taken by security engineers, security analysts, solution architects, cloud solution developers, threat analysts, penetration testers, red and blue team members and any security enthusiast, with a strong knowledge in the area of cloud security who wants to evaluate and advance their knowledge.

What is the format of the exam?

The exam includes Multiple Choice Questions (MCQs) covering the syllabus. The time duration of the exam is 60 minutes. The exam will be proctored but can be taken online, anytime (on-demand) and from anywhere. The exam will cover a variety of questions which are both factual and scenario based.

What is the pass criteria for the exam?

The pass criteria are as follows:

  • Candidates scoring over 60% marks will be deemed to have successfully passed the exam.
  • Candidates scoring over 75% marks will be deemed to have passed with merit.

What is the experience needed to take the exam?

This is an entry-level exam which will validate the candidate's understanding of core fundamentals related to the AWS cloud and related security topics. Candidates should have knowledge of common cloud security misconfigurations, best security practices, defense-in-depth measures as well as an overview of monitoring and responding against the common security threats on AWS cloud.

Note: Professional pentesting is not a requirement for this exam.

What will the candidates get?

On completing the exam, each candidate will receive:

  • A certificate with their pass/fail and merit status.
  • The certificate will contain a code/QR link, which can be used by anyone to validate the certificate.

What is the exam retake policy?

Candidates who fail the exam, must purchase a new exam voucher to retake the exam.

What are the benefits of this exam?

The certificate will allow candidates to demonstrate their understanding of AWS Cloud Security. This will help them to advance in their career.

How long is the certificate valid for?

The certificate does not have an expiration date. However, the passing certificate will mention the details of the exam such as the exam version and the date. As the exam is updated over time, candidates should retake the newer version as per their convenience.

Exam Syllabus

 

Authentication, Authorization and Access Control

  • AWS Identity and Access Management
  • AWS Cognito
  • AWS Service Control Policies
 

Data Security

  • AWS Key Management Service (KMS)
  • AWS Secrets Manager
  • AWS Certificate Manager
 

Compliance and Governance

  • AWS Config
  • AWS Organizations
 

Infrastructure Security

  • AWS Virtual Private Cloud (VPC)
  • AWS Security Group
  • AWS Network ACL
 

Monitoring and Incident Response

  • AWS CloudWatch
  • AWS CloudTrail
  • AWS Detective
  • AWS GuardDuty
 

Common Security Issues Related to AWS Services

  • AWS Elastic Container Services (ECS)
  • AWS Elastic Kubernetes Services (EKS)
  • AWS Elastic Compute Services (EC2)
  • AWS Simple Storage Services (S3)
  • AWS Lambda Functions
 

Common Application Security Attacks on AWS Cloud

  • Such as:
    1. Broken Access Control
    2. Server Side Request Forgery
    3. SQL Injection
    4. Code Injection
  • Best Security Practices

Sample Question

Consider a scenario where you receive an alert that indicates that your EC2 instance behind ELB Classic Load Balancer has been compromised. Which of the following options will you choose to limit the lateral movement and allow evidence gathering?

  • Remove the instance from the load balancer and terminate it.
  • Remove the instance from the load balancer, and shut down access to the instance by tightening the security group.
  • Reboot the instance and check for any Amazon CloudWatch alarms.
  • Stop the instance and make a snapshot of the root EBS volume.