AWS AI Professional (AIP-C01) Exam Learning Path

AWS Certified Generative AI Developer – Professional (AIP-C01) Overview

The AWS Certified Generative AI Developer – Professional (AIP-C01) is AWS’s professional-level certification for developers who build and deploy production-ready Generative AI solutions. Launched in 2025, this certification validates your ability to integrate foundation models into applications, implement RAG architectures, design agentic AI systems, and operationalize GenAI solutions on AWS.

Exam Detail Information
Exam Code AIP-C01
Full Name AWS Certified Generative AI Developer – Professional
Level Professional
Number of Questions 75 (10 of which are unscored and do not affect the result)
Duration 180 minutes
Passing Score 750 / 1000
Cost $300 USD
Format Multiple choice & multiple response
Testing Pearson VUE (center or online proctored)
Languages English, Japanese, Korean, Simplified Chinese
Validity 3 years

Target Candidate Profile

  • 2+ years building production-grade applications on AWS
  • 1+ year hands-on experience implementing Generative AI solutions
  • Experience with AWS compute, storage, networking, and security services
  • Understanding of AWS deployment, IaC tools, and monitoring services
  • Familiarity with AI/ML concepts and data engineering

Recommended prior certifications (not required): AWS Certified AI Practitioner (AIF-C01), AWS Solutions Architect Associate, AWS Machine Learning Engineer Associate

AIP-C01 Exam Domains & Weightings

Domain Weight Key Topics
Domain 1: Foundation Model Integration, Data Management & Compliance 31% RAG implementation, vector stores, prompt engineering, FM selection & customization, data pipelines
Domain 2: Implementation & Integration 26% Agentic AI, tool integrations, model deployment, enterprise integration, CI/CD, troubleshooting
Domain 3: AI Safety, Security & Governance 20% Data privacy, model security, Guardrails, responsible AI, compliance, access control
Domain 4: Operational Efficiency & Optimization 12% Cost optimization, performance tuning, scaling, monitoring, A/B testing
Domain 5: Testing, Validation & Troubleshooting 11% Model evaluation metrics, benchmarking, quality assurance, debugging

Domain 1: Foundation Model Integration, Data Management & Compliance (31%)

This is the largest domain and covers the core of building GenAI solutions on AWS.

Key Topics

  • Solution Design: Architecture design using FMs, proof-of-concept implementations, Well-Architected Framework GenAI Lens
  • FM Selection & Configuration: Model benchmarking, cross-region inference, fine-tuning (LoRA, adapters), model lifecycle management via SageMaker Model Registry
  • Data Pipelines: Data validation workflows (AWS Glue Data Quality), multimodal data processing, input formatting for FM inference
  • Vector Stores: Vector database architecture (OpenSearch, Aurora pgvector, Bedrock Knowledge Bases), metadata frameworks, embedding solutions (Amazon Titan Embeddings)
  • Retrieval Mechanisms (RAG): Document chunking strategies, hybrid search (keyword + vector), reranking models, query expansion & decomposition
  • Prompt Engineering & Governance: Amazon Bedrock Prompt Management, parameterized templates, prompt flows, chain-of-thought patterns, quality assurance

Domain 2: Implementation & Integration (26%)

This domain focuses on building production systems with agentic AI and enterprise integrations.

Key Topics

  • Agentic AI: Bedrock Agents, Strands Agents, AWS Agent Squad, MCP (Model Context Protocol), ReAct patterns, multi-agent systems
  • Tool Integrations: Function calling, MCP servers (Lambda & ECS), custom tool behaviors, error handling
  • Model Deployment: Lambda for on-demand inference, Bedrock provisioned throughput, SageMaker endpoints, container-based deployment
  • Enterprise Integration: API Gateway, EventBridge event-driven architectures, CI/CD pipelines (CodePipeline, CodeBuild), GenAI gateway architectures
  • Troubleshooting: Context window overflow, prompt debugging, retrieval system diagnostics, embedding drift monitoring

AWS Services to Study

  • Amazon Bedrock Agents – Autonomous AI agents with tool use
  • Amazon Q Developer – AI-powered development assistant
  • AWS Step Functions – Workflow orchestration for AI pipelines
  • AWS Lambda – Serverless inference, MCP servers
  • Amazon API Gateway – Enterprise API integrations
  • AWS CodePipeline / CodeBuild – CI/CD for GenAI

Domain 3: AI Safety, Security & Governance (20%)

Security and responsible AI are critical at the professional level.

Key Topics

  • Data Privacy: Data encryption (at rest/in transit), PII detection and redaction, data residency compliance
  • Model Security: IAM least-privilege access to FMs, identity federation, role-based access control
  • Guardrails: Amazon Bedrock Guardrails – content filtering, topic denial, PII redaction, grounding checks
  • Responsible AI: Bias detection, fairness evaluation, transparency, human-in-the-loop workflows
  • Compliance: Cross-jurisdiction deployments (Outposts, Wavelength), audit logging (CloudTrail), governance frameworks

AWS Services to Study

  • Amazon Bedrock Guardrails – Content filtering, responsible AI controls
  • AWS IAM – Fine-grained access control for AI services
  • AWS CloudTrail – Audit logging for AI operations
  • AWS KMS – Encryption key management
  • Amazon Macie – PII detection in data stores

Domain 4: Operational Efficiency & Optimization (12%)

Key Topics

  • Cost Optimization: Model cascading (smaller models for simple tasks), provisioned throughput vs. on-demand, right-sizing
  • Performance Tuning: Latency optimization, token processing capacity, GPU utilization
  • Scaling: Auto-scaling SageMaker endpoints, Bedrock cross-region inference, load balancing
  • Monitoring: CloudWatch metrics for AI workloads, observability pipelines (X-Ray), drift detection

Domain 5: Testing, Validation & Troubleshooting (11%)

Key Topics

  • Model Evaluation: Relevance scoring, hallucination detection, semantic drift, RAGAS metrics
  • Agent Evaluation: Task completion rates, tool usage effectiveness, Amazon Bedrock Agent evaluations
  • Retrieval Quality: Context matching verification, retrieval latency, embedding quality diagnostics
  • Deployment Validation: A/B testing, canary deployments, synthetic user workflows, automated quality checks
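A minimal hallucination check you can run in CI, added here as an example (not code from the page or from AWS): it scores each answer sentence by how much of it is found in the retrieved context, a lexical stand-in for the RAGAS faithfulness metric. The sample context and answer are constructed.

```python
import re

STOPWORDS = {"the", "a", "an", "is", "are", "to", "of", "and", "in", "on", "for", "it", "this", "that"}


def sentences(text):
    """Split an answer into sentences on ./!/? followed by whitespace."""
    return [s.strip() for s in re.split(r"(?<=[.!?])\s+", text.strip()) if s.strip()]


def content_words(text):
    """Lower-cased alphanumeric tokens minus stopwords."""
    return set(re.findall(r"[a-z0-9]+", text.lower())) - STOPWORDS


def support_score(sentence, context_chunks):
    """Best fraction of the sentence's content words found in any single chunk."""
    words = content_words(sentence)
    if not words:
        return 1.0
    return max(len(words & content_words(chunk)) / len(words) for chunk in context_chunks)


def faithfulness(answer, context_chunks, threshold=0.6):
    """Share of answer sentences supported by the retrieved context, plus the
    sentences that were not, which is what you show a reviewer."""
    sents = sentences(answer)
    unsupported = [s for s in sents if support_score(s, context_chunks) < threshold]
    score = 1 - len(unsupported) / len(sents) if sents else 0.0
    return {"score": score, "unsupported": unsupported}


# Constructed sample: two retrieved chunks and a model answer whose last sentence is invented.
CONTEXT = ["The controller requires 8 GB RAM and firmware version 4.2 or later.",
           "Error E42 means the firmware checksum failed. Reflash the firmware to clear E42."]
ANSWER = ("The controller needs 8 GB of RAM. Error E42 indicates a failed firmware checksum. "
          "The warranty covers two years of on-site support.")

if __name__ == "__main__":
    print(faithfulness(ANSWER, CONTEXT))
```

Word overlap cannot see negation ("does not require") or paraphrase, so treat this as a cheap regression gate, not a judge; the RAGAS faithfulness metric and the Bedrock Guardrails contextual grounding check use a model as the judge for exactly that reason.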

Recommended Study Resources

Video Courses

Course Platform Notes
Ultimate AWS Certified Generative AI Developer Professional by Stephane Maarek Udemy Comprehensive course with hands-on labs and 75-question practice exam
AWS Certified Generative AI Developer Professional AIP-C01 Udemy Security, governance, cost optimization focus
Exam Prep: AWS Certified Generative AI Developer AWS Skill Builder Official AWS exam prep (standard course is free; the enhanced course requires a subscription)
Generative AI Developer Professional KodeKloud Hands-on labs with AWS sandbox environments

Practice Tests

Resource Platform Questions
[Practice Exams] AWS Certified Generative AI Developer Pro by Stephane Maarek & Abhishek Singh Udemy Multiple full-length exams with explanations
AWS Certification Official Practice Question Set AWS Skill Builder 20 official questions (free)
AWS Certification Official Pretest AWS Skill Builder Full-length readiness assessment
Whizlabs AIP-C01 Practice Tests Whizlabs Multiple practice exams with explanations

10-Week Study Plan

Week Focus Area Activities
Week 1 Exam Overview & Foundations Read exam guide, review AI Services Cheat Sheet, understand all 5 domains and weightings
Week 2 Amazon Bedrock Core Study Amazon Bedrock, FM selection, model invocation APIs, Nova models, Titan Embeddings
Week 3 RAG & Vector Stores Study Bedrock Knowledge Bases, chunking strategies, OpenSearch vector search, hybrid search, reranking
Week 4 Prompt Engineering & Fine-tuning Bedrock Prompt Management, Prompt Flows, chain-of-thought, LoRA fine-tuning, SageMaker model customization
Week 5 Agentic AI & Tool Integration Study Bedrock Agents, Strands Agents, MCP, function calling, multi-agent orchestration, ReAct patterns
Week 6 Enterprise Integration & Deployment API Gateway integration, Step Functions workflows, CI/CD for GenAI (CodePipeline), container deployment patterns, Q Developer
Week 7 Security, Governance & Responsible AI Bedrock Guardrails, IAM for AI services, data privacy, PII handling, compliance, responsible AI practices
Week 8 Optimization & Monitoring Cost optimization (model cascading, provisioned throughput), performance tuning, CloudWatch metrics, X-Ray observability
Week 9 Testing, Evaluation & Troubleshooting Model evaluation metrics, agent evaluations, retrieval quality testing, deployment validation, debugging GenAI apps
Week 10 Review & Practice Exams Take 2-3 full practice exams, review weak areas, re-read exam guide, focus on scenario-based questions

Study Tips

  • Hands-on practice is essential – This is a professional-level exam; build actual RAG pipelines and deploy agents on AWS
  • Focus on Domain 1 & 2 – Together they represent 57% of the exam
  • Understand scenario-based questions – Questions are long and test architectural decision-making, not memorization
  • Know the trade-offs – When to use Bedrock vs. SageMaker, on-demand vs. provisioned throughput, different chunking strategies
  • Practice with time management – 180 minutes for 75 complex questions means ~2.4 minutes per question

AIP-C01 Practice Questions

Question 1

A company is building a customer support chatbot using Amazon Bedrock. The chatbot needs to answer questions based on 50,000 internal product documents that are updated weekly. The solution must minimize hallucinations and provide source citations. Which architecture best meets these requirements?

  A. Fine-tune a foundation model on all product documents monthly
  B. Use Amazon Bedrock Knowledge Bases with automatic chunking, vector store synchronization, and source attribution enabled
  C. Include all product documents in the system prompt for each request
  D. Train a custom model using Amazon SageMaker with the product documents as training data

Answer: B – Amazon Bedrock Knowledge Bases provides managed RAG with automatic document chunking, scheduled sync for weekly updates, vector store management, and built-in source attribution. Fine-tuning (A/D) doesn’t provide up-to-date factual recall, and including all documents in the prompt (C) exceeds context window limits.

Question 2

A developer is implementing an agentic AI solution that needs to query a company’s internal database, call external APIs, and generate reports. The solution must handle failures gracefully and maintain conversation state. Which combination of services should be used? (Select TWO)

  A. Amazon Bedrock Agents with action groups and Lambda functions
  B. Amazon Comprehend with custom entity recognition
  C. Amazon DynamoDB for conversation history and session state
  D. Amazon Kinesis Data Streams for real-time processing
  E. Amazon Rekognition for document analysis

Answer: A, C – Bedrock Agents with action groups handle tool orchestration (database queries, API calls) with built-in error handling and ReAct reasoning. DynamoDB stores conversation history for state management. Comprehend (B), Kinesis (D), and Rekognition (E) don’t address the agentic workflow requirements.
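The loop that Bedrock Agents runs for you, shown here as an added example (not code from the page or from AWS) in the message shapes of the Bedrock Converse API: a toolUse block from the model, a toolResult block from the client, stopReason tool_use until the model is done. The model is a scripted stand-in so the code runs offline; the orders table, the session store and the lookup_order tool are constructed placeholders.

```python
import json

# Tool definition in the Converse API toolConfig shape; the tool is a stand-in
# for an internal database lookup.
TOOL_CONFIG = {"tools": [{"toolSpec": {
    "name": "lookup_order",
    "description": "Fetch an order record by order id from the internal orders database.",
    "inputSchema": {"json": {
        "type": "object",
        "properties": {"order_id": {"type": "string"}},
        "required": ["order_id"]}}}}]}

ORDERS = {"A100": {"status": "shipped", "eta": "2025-06-01"}}  # constructed sample data


def lookup_order(order_id):
    if order_id not in ORDERS:
        raise KeyError(f"order {order_id} not found")
    return ORDERS[order_id]


TOOLS = {"lookup_order": lookup_order}


def run_tool(tool_use):
    """Execute one toolUse block and wrap the outcome as a toolResult block.
    Failures go back to the model with status 'error' instead of crashing the
    turn, so the agent can retry, ask the user, or explain the problem."""
    try:
        result = TOOLS[tool_use["name"]](**tool_use["input"])
        content, status = [{"json": result}], "success"
    except Exception as exc:  # unknown tool, bad arguments, backend failure
        content, status = [{"text": f"{type(exc).__name__}: {exc}"}], "error"
    return {"toolResult": {"toolUseId": tool_use["toolUseId"],
                           "content": content, "status": status}}


def scripted_model(messages, tool_config):
    """Offline stand-in for bedrock-runtime converse(): on a user text turn it
    requests the tool with the last word of the message as the order id; after a
    toolResult it answers from that result (or from the error)."""
    last = messages[-1]["content"][0]
    if "text" in last:
        return {"stopReason": "tool_use", "output": {"message": {
            "role": "assistant",
            "content": [{"toolUse": {"toolUseId": "tu-1", "name": "lookup_order",
                                     "input": {"order_id": last["text"].split()[-1]}}}]}}}
    tr = last["toolResult"]
    if tr["status"] == "error":
        text = "I could not find that order: " + tr["content"][0]["text"]
    else:
        rec = tr["content"][0]["json"]
        text = f"Order status: {rec['status']}, ETA {rec['eta']}."
    return {"stopReason": "end_turn", "output": {"message": {
        "role": "assistant", "content": [{"text": text}]}}}


SESSIONS = {}  # stand-in for a DynamoDB table keyed by session id


def agent_turn(session_id, user_text, converse=scripted_model, max_steps=5):
    """One user turn of the ReAct loop: call the model, run any requested tools,
    feed results back, stop at end_turn. History is loaded from and saved to the
    session store so state survives across invocations."""
    messages = SESSIONS.setdefault(session_id, [])
    messages.append({"role": "user", "content": [{"text": user_text}]})
    for _ in range(max_steps):  # bound the loop so a confused model cannot spin forever
        response = converse(messages, TOOL_CONFIG)
        reply = response["output"]["message"]
        messages.append(reply)
        if response["stopReason"] != "tool_use":
            return reply["content"][0]["text"]
        results = [run_tool(block["toolUse"]) for block in reply["content"] if "toolUse" in block]
        messages.append({"role": "user", "content": results})
    raise RuntimeError("agent exceeded max tool steps")


if __name__ == "__main__":
    print(agent_turn("demo", "What is the status of order A100"))
    print(agent_turn("demo", "And order Z999"))
    print(json.dumps(SESSIONS["demo"], indent=1))
```

Against the real service, converse is a wrapper such as lambda m, t: bedrock_runtime.converse(modelId=MODEL_ID, messages=m, toolConfig=t), and SESSIONS becomes a get/put on the DynamoDB session table. Two details matter for "handle failures gracefully": the toolResult with status error is a normal message, not an exception, and the step limit caps how many tool calls (and tokens) one turn can burn.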

Question 3

An organization needs to ensure their GenAI application does not generate responses about competitor products, does not reveal PII from training data, and stays within approved topic boundaries. Which approach provides the MOST comprehensive solution?

  A. Implement input validation using AWS Lambda functions
  B. Configure Amazon Bedrock Guardrails with denied topics, PII filters, and content filters
  C. Use system prompts to instruct the model to avoid certain topics
  D. Fine-tune the model to remove knowledge about competitors

Answer: B – Amazon Bedrock Guardrails provides configurable denied topics, automated PII detection/redaction, and content filters that work at both input and output levels. System prompts (C) can be bypassed through prompt injection. Lambda validation (A) only handles input. Fine-tuning (D) cannot reliably remove specific knowledge.
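A guardrail only helps if callers cannot skip it, which is an IAM question (Domain 3's "least-privilege access to FMs"). As an added example (not code from the page or from AWS), the policy below allows invoking specific models only when the request names a specific guardrail, via the bedrock:GuardrailIdentifier condition key, and a small linter flags the two usual mistakes. ARNs are placeholders, and the "<guardrail ARN>:<version>" format of the condition value is an assumption to verify against the current docs.

```python
import json

# Placeholder ARNs; substitute your account, region, models and guardrail.
MODEL_ARNS = ["arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-3-haiku-20240307-v1:0"]
GUARDRAIL = "arn:aws:bedrock:us-east-1:123456789012:guardrail/abc123def456:1"  # <arn>:<version>


def guardrail_resource(guardrail_identifier):
    """Strip a trailing ':<version>' or ':DRAFT' so the ApplyGuardrail statement
    targets the guardrail ARN itself (assumed identifier format, see lead-in)."""
    base, _, version = guardrail_identifier.rpartition(":")
    if "guardrail/" in base and (version.isdigit() or version == "DRAFT"):
        return base
    return guardrail_identifier


def bedrock_invoke_policy(model_arns, guardrail_identifier):
    """Allow invocation of exactly these models, and only when the request names
    this guardrail: a call that omits the guardrail, or names another one, does
    not match the condition and is therefore implicitly denied."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "InvokeOnlyThroughGuardrail",
                "Effect": "Allow",
                "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream"],
                "Resource": list(model_arns),
                "Condition": {"StringEquals": {"bedrock:GuardrailIdentifier": guardrail_identifier}},
            },
            {
                "Sid": "UseTheGuardrail",
                "Effect": "Allow",
                "Action": "bedrock:ApplyGuardrail",
                "Resource": guardrail_resource(guardrail_identifier),
            },
        ],
    }


def _as_list(value):
    return [value] if isinstance(value, str) else list(value or [])


def lint_bedrock_policy(policy):
    """Flag Allow statements that grant model invocation too broadly: a wildcard
    model resource, or no guardrail condition (so the app can skip the guardrail)."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        invokes = any(a in ("*", "bedrock:*", "bedrock:Invoke*") or a.startswith("bedrock:InvokeModel")
                      for a in actions)
        if not invokes:
            continue
        sid = stmt.get("Sid", "<no Sid>")
        if any(r == "*" or r.endswith("/*") for r in _as_list(stmt.get("Resource"))):
            findings.append(f"{sid}: wildcard model resource; list the model or inference-profile ARNs")
        # IAM condition keys are case-insensitive, so normalise before comparing.
        keys = {k.lower() for operator in stmt.get("Condition", {}).values() for k in operator}
        if "bedrock:guardrailidentifier" not in keys:
            findings.append(f"{sid}: no bedrock:GuardrailIdentifier condition; guardrail is optional")
    return findings


if __name__ == "__main__":
    policy = bedrock_invoke_policy(MODEL_ARNS, GUARDRAIL)
    print(json.dumps(policy, indent=2))
    print("findings:", lint_bedrock_policy(policy))
    loose = {"Version": "2012-10-17", "Statement": [
        {"Sid": "AnyModelNoGuardrail", "Effect": "Allow", "Action": "bedrock:InvokeModel", "Resource": "*"}]}
    print("findings:", lint_bedrock_policy(loose))
```

If the application uses cross-region inference, the Resource list must name the inference profile ARN as well as the foundation model ARNs in every destination region, and the linter treats an inference-profile ARN like any other explicit resource.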

Question 4

A team has deployed a GenAI application using Amazon Bedrock. After launch, they notice that response latency increases during peak hours and costs are 3x their budget. The application handles both simple FAQ queries and complex analytical questions. What is the MOST cost-effective optimization strategy?

  A. Switch all requests to the largest available model for better performance
  B. Implement model cascading: route simple queries to a smaller/cheaper model and complex queries to a larger model using a classification layer
  C. Purchase provisioned throughput for the maximum expected load
  D. Cache all responses in Amazon ElastiCache and serve cached answers for all queries

Answer: B – Model cascading routes simple queries to smaller, faster, cheaper models while reserving larger models for complex tasks. This optimizes both cost and latency. Using only the largest model (A) increases cost. Maximum provisioned throughput (C) over-provisions for average load. Caching all responses (D) doesn’t work for analytical questions requiring unique answers.

Question 5

A developer is building a RAG application and notices that retrieved documents are often irrelevant, leading to poor response quality. The documents are technical manuals with hierarchical structure (chapters, sections, subsections). Which combination of improvements will MOST effectively address retrieval quality? (Select TWO)

  A. Increase the chunk size to 10,000 tokens to capture more context
  B. Implement hierarchical chunking that preserves document structure and parent-child relationships
  C. Use hybrid search combining semantic vector search with keyword-based BM25 scoring
  D. Reduce the number of retrieved documents to 1 to increase precision
  E. Switch from vector search to simple keyword search

Answer: B, C – Hierarchical chunking preserves the document structure, maintaining context relationships between sections. Hybrid search combines the semantic understanding of vector search with the precision of keyword matching, improving relevance for technical content. Very large chunks (A) reduce precision. Only 1 document (D) may miss relevant information. Keyword-only search (E) loses semantic understanding.
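Hierarchical chunking plus hybrid search, as described under Domain 1 (retrieval mechanisms) and in this answer, written out as an added example that is not code from the page or from AWS. The manual is a constructed sample; the "embedding" is a bag-of-words vector standing in for a real embedding model such as Titan Embeddings, BM25 supplies the keyword side, and the two rankings are merged with reciprocal rank fusion.

```python
import math
import re
from collections import Counter

# Constructed sample manual (not from the page); "#" = chapter, "##" = section.
MANUAL = """# Chapter 1 Installation
## 1.1 Requirements
The controller requires 8 GB RAM and firmware version 4.2 or later.
## 1.2 Mounting
Mount the unit on a DIN rail. Torque the terminal screws to 0.5 Nm.
# Chapter 2 Troubleshooting
## 2.1 Error codes
Error E42 means the firmware checksum failed. Reflash the firmware to clear E42.
## 2.2 Network
If the controller drops off the network, check the DHCP lease and cable."""


def hierarchical_chunks(text):
    """Split on headings so each chunk is one section that remembers its parent
    chapter; that parent link is what lets us return surrounding context later."""
    chunks, body, chapter, section = [], [], None, None
    for line in text.splitlines():
        if line.startswith("# ") or line.startswith("## "):
            if section is not None and body:
                chunks.append({"chapter": chapter, "section": section, "text": " ".join(body)})
            body = []
            if line.startswith("# "):
                chapter, section = line[2:].strip(), None
            else:
                section = line[3:].strip()
        elif line.strip():
            body.append(line.strip())
    if section is not None and body:
        chunks.append({"chapter": chapter, "section": section, "text": " ".join(body)})
    return chunks


def tokens(s):
    return re.findall(r"[a-z0-9]+", s.lower())


class BM25:
    """Keyword scorer (Lucene-style BM25) for the lexical half of hybrid search."""

    def __init__(self, docs, k1=1.5, b=0.75):
        self.docs = [tokens(d) for d in docs]
        self.n, self.k1, self.b = len(self.docs), k1, b
        self.avgdl = sum(len(d) for d in self.docs) / self.n
        self.df = Counter(t for d in self.docs for t in set(d))

    def score(self, query, i):
        tf, dl, s = Counter(self.docs[i]), len(self.docs[i]), 0.0
        for t in tokens(query):
            if t in tf:
                idf = math.log(1 + (self.n - self.df[t] + 0.5) / (self.df[t] + 0.5))
                s += idf * tf[t] * (self.k1 + 1) / (tf[t] + self.k1 * (1 - self.b + self.b * dl / self.avgdl))
        return s


def embed(s):
    """Stand-in for an embedding model: a bag-of-words vector."""
    return Counter(tokens(s))


def cosine(a, b):
    dot = sum(v * b[t] for t, v in a.items() if t in b)
    na, nb = math.sqrt(sum(v * v for v in a.values())), math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0


def reciprocal_rank_fusion(rankings, k=60):
    """Merge ranked lists of chunk indices; a chunk ranked well by either side rises."""
    fused = Counter()
    for ranking in rankings:
        for rank, idx in enumerate(ranking):
            fused[idx] += 1.0 / (k + rank + 1)
    return fused


def hybrid_search(chunks, query, top_k=2):
    # Index heading path + body so a query about "troubleshooting" still hits a section.
    docs = [f"{c['chapter']} {c['section']} {c['text']}" for c in chunks]
    bm25 = BM25(docs)
    keyword_rank = sorted(range(len(docs)), key=lambda i: -bm25.score(query, i))
    q = embed(query)
    vector_rank = sorted(range(len(docs)), key=lambda i: -cosine(q, embed(docs[i])))
    fused = reciprocal_rank_fusion([keyword_rank, vector_rank])
    return [chunks[i] for i, _ in fused.most_common(top_k)]


def expand_to_parent(chunk, chunks):
    """Child-to-parent expansion: hand the model the whole chapter, not just the hit."""
    return "\n".join(c["text"] for c in chunks if c["chapter"] == chunk["chapter"])


if __name__ == "__main__":
    chunks = hierarchical_chunks(MANUAL)
    hit = hybrid_search(chunks, "what does error E42 mean")[0]
    print(hit["chapter"], "/", hit["section"])
    print(expand_to_parent(hit, chunks))
```

The design points the exam tests are visible here: small child chunks are what get scored, the parent (chapter) is what gets sent to the model, exact tokens such as "E42" are caught by BM25 even when an embedding model would blur them, and fusion by rank rather than by raw score avoids having to calibrate BM25 scores against cosine similarities.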

Frequently Asked Questions

What is the AIP-C01 exam?

The AWS Certified Generative AI Developer – Professional (AIP-C01) validates the ability to build, deploy, and operationalize generative AI solutions on AWS. It covers RAG implementation, agent design, MLOps, model security, and evaluation, and it expects hands-on experience with Amazon Bedrock, SageMaker, and related services.

How does AIP-C01 differ from AIF-C01?

AIF-C01 (AI Practitioner) is foundational and tests conceptual knowledge of AI/ML. AIP-C01 (Generative AI Developer – Professional) is advanced and tests hands-on ability to implement GenAI solutions, fine-tune models, build agents, deploy with MLOps pipelines, and secure AI applications.

What experience do I need for AIP-C01?

AWS recommends 2+ years building production-grade applications on AWS and at least 1 year of hands-on generative AI work, including Amazon Bedrock, SageMaker, and implementing RAG, fine-tuning, and agent architectures in production.

AWS Security Specialty (SCS-C03) Exam Learning Path

AWS Certified Security – Specialty (SCS-C03) Exam Learning Path

The AWS Certified Security – Specialty (SCS-C03) exam validates advanced security skills for designing and implementing AWS security solutions. This updated version went live on December 2, 2025, replacing the SCS-C02. This comprehensive learning path covers everything you need to pass the exam — domains, study resources, an 8-week study plan, exam topics with links, and practice questions.

SCS-C03 Exam Overview

Detail Value
Exam Code SCS-C03
Format 65 questions (multiple-choice, multiple-response, ordering, matching)
Duration 170 minutes
Passing Score 750 / 1000
Cost $300 USD
Delivery Pearson VUE (testing center or online)
Prerequisite None required (5+ years security experience recommended)
Live Since December 2, 2025

Refer to the AWS Certified Security – Specialty (SCS-C03) Exam Guide

SCS-C03 Exam Domains

Domain Weight Key Topics
Domain 1: Detection 16% GuardDuty, Security Hub, Detective, CloudTrail, VPC Flow Logs, Security Lake (OCSF)
Domain 2: Incident Response 14% Automated remediation, forensics, containment, AWS Security Incident Response
Domain 3: Infrastructure Security 18% VPC, Network Firewall, WAF, Verified Access, Firewall Manager, Shield
Domain 4: Identity and Access Management 20% IAM policies, Verified Permissions/Cedar, Identity Center, SCPs, RCPs, Cognito
Domain 5: Data Protection 18% KMS, CloudHSM, ACM, inter-node encryption, data masking, Bedrock Guardrails
Domain 6: Security Foundations & Governance 14% Organizations, Control Tower, Config, compliance frameworks, AWS Audit Manager

What’s New in SCS-C03 vs SCS-C02

Key Changes in SCS-C03

  • Generative AI Security — Amazon Bedrock Guardrails, OWASP LLM Top 10 protections, AgentCore security, and SageMaker AI model protection are now in scope.
  • OCSF & Security Lake — Open Cybersecurity Schema Framework (OCSF) normalization and Amazon Security Lake for centralized security data analytics.
  • IAM Weight Increased — Domain 4 (IAM) increased from 16% to 20%, reflecting identity as the new security perimeter.
  • SNS/CloudWatch Data Protection — Data masking policies for CloudWatch Logs and Amazon SNS message data protection.
  • Inter-node Encryption — Encryption in-transit between nodes for Amazon EMR, EKS, SageMaker AI, and Nitro enclaves.
  • AWS Verified Access — Zero-trust network access without VPNs now explicitly tested.
  • Amazon Verified Permissions & Cedar — Fine-grained authorization using Cedar policy language with RBAC and ABAC models.
  • Domain Restructuring — Detection and Incident Response are now separate domains; “Management and Security Governance” renamed to “Security Foundations & Governance.”
  • New Question Types — Ordering (arrange steps in sequence) and matching (match services to functions) alongside traditional multiple-choice.

8-Week Study Plan

This plan assumes 1.5–2 hours of study per day. Adjust timelines based on your existing AWS security experience.

Week Focus Area Activities
Week 1 IAM Foundations (Domain 4)
  • IAM policies (identity-based, resource-based, permission boundaries)
  • IAM Access Analyzer, policy evaluation logic
  • SCPs, RCPs, and Declarative Policies
  • Hands-on: Write and test IAM policies with conditions
Week 2 Advanced IAM & Identity (Domain 4)
  • IAM Identity Center (SSO), federation (SAML, OIDC)
  • Amazon Verified Permissions & Cedar policy language
  • Cognito User Pools & Identity Pools
  • Cross-account access patterns, role chaining
  • Hands-on: Configure Verified Permissions with Cognito
Week 3 Data Protection (Domain 5)
  • KMS (key policies, grants, multi-region keys, imported key material, XKS)
  • Envelope encryption, S3 encryption options
  • CloudHSM, ACM, Private CA
  • Inter-node encryption (EMR, EKS, SageMaker, Nitro)
  • Data masking: CloudWatch Logs data protection, SNS message data protection
  • Hands-on: Create KMS keys with custom policies, enable S3 default encryption
Week 4 Infrastructure Security (Domain 3)
  • VPC security: Security Groups, NACLs, VPC endpoints, Flow Logs
  • AWS Network Firewall (stateful/stateless rules, IDS/IPS)
  • AWS WAF (Web ACLs, rate-based rules, managed rule groups)
  • AWS Verified Access (zero-trust without VPN)
  • Firewall Manager for centralized management
  • Shield & Shield Advanced, DDoS mitigation
  • Hands-on: Deploy Network Firewall with custom rules
Week 5 Detection (Domain 1)
  • GuardDuty (runtime monitoring, extended threat detection, malware protection)
  • Amazon Detective (behavior graphs, investigation)
  • Amazon Security Lake & OCSF format
  • Security Hub (controls, standards, cross-region aggregation)
  • CloudTrail (Lake, Insights, organization trails)
  • CloudWatch alarms, metric filters, anomaly detection
  • Hands-on: Enable GuardDuty with EKS runtime monitoring, query Security Lake
Week 6 Incident Response & GenAI Security (Domains 2 & 5)
  • AWS Security Incident Response service
  • Automated remediation (EventBridge → Lambda/Step Functions)
  • Forensics: EBS snapshots, memory dumps, isolated VPCs
  • Amazon Bedrock Guardrails (content filters, denied topics, PII detection)
  • OWASP LLM Top 10 (prompt injection, data poisoning, model DoS)
  • AgentCore security controls
  • Hands-on: Build automated remediation for GuardDuty findings
Week 7 Governance & Review (Domain 6)
  • AWS Organizations, Control Tower, landing zones
  • AWS Config rules and remediation
  • AWS Audit Manager, Artifact
  • Well-Architected Security Pillar review
  • Multi-account security strategies
  • Review all domains — focus on weak areas identified in practice tests
  • Take first full-length practice exam (target: 70%+)
Week 8 Practice Exams & Final Review
  • Take 2–3 full-length practice exams (target: 80%+ consistently)
  • Review incorrect answers — identify knowledge gaps
  • Re-read AWS FAQs for GuardDuty, KMS, IAM, Security Hub
  • Review ordering/matching question formats
  • Light review on exam day — no cramming

Pro tip: Start with IAM and KMS because they appear across every domain. If you’re scoring below 75% on practice exams by Week 7, extend to 10 weeks.

Exam Topics & Related Posts

Domain 1: Detection (16%)

  • Amazon GuardDuty — Threat detection using CloudTrail, VPC Flow Logs, DNS logs, EKS audit logs. Covers runtime monitoring, extended threat detection, and malware protection.
  • Amazon Detective — Security investigation using behavior graphs from CloudTrail, VPC Flow Logs, and GuardDuty findings.
  • AWS Security Hub — Centralized security posture management, automated compliance checks (CIS, PCI DSS, AWS Foundational Security Best Practices), and cross-account/cross-region aggregation.
  • Amazon Security Lake — Centralizes security data in OCSF format from AWS services, SaaS providers, and on-premises sources for security analytics.
  • AWS CloudTrail — Audit logging, CloudTrail Lake for SQL-based event querying, Insights for anomaly detection, organization trails.
  • Amazon CloudWatch — Metric filters, alarms, anomaly detection, CloudWatch Logs with data protection policies for sensitive data masking.
  • Amazon Inspector — Automated vulnerability scanning for EC2, ECR containers, and Lambda functions.
  • Amazon Macie — ML-powered sensitive data discovery and classification in S3.

Domain 2: Incident Response (14%)

  • AWS Security Incident Response — Automated triage of GuardDuty and Security Hub findings, AI-powered investigation, containment, and 24/7 CIRT access.
  • Automated Remediation Patterns:
    • GuardDuty → EventBridge → Lambda (isolate instance, revoke credentials)
    • Config Rule → EventBridge → Systems Manager Automation (remediate non-compliant resources)
    • Security Hub → EventBridge → Step Functions (multi-step workflows)
  • Forensics: EBS snapshot isolation, memory acquisition, VPC isolation for compromised instances, CloudTrail Lake investigation.
  • AWS Config — Resource configuration history, compliance rules, and automated remediation.
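The GuardDuty → EventBridge → Lambda pattern above, as an added example (not code from the page or from AWS): the handler snapshots the instance's volumes before swapping in a quarantine security group, and deactivates an IAM user's compromised access key. The quarantine group id, the two findings and the FakeClient are constructed so the logic runs without AWS credentials.

```python
QUARANTINE_SG = "sg-0000000000quarantn"  # assumed: pre-created SG with no inbound or outbound rules
SEVERITY_THRESHOLD = 7.0                 # GuardDuty: High is 7.0 to 8.9, Critical 9.0 and above


def handle_finding(event, ec2, iam, severity_threshold=SEVERITY_THRESHOLD):
    """Contain the resource named in a GuardDuty finding delivered via EventBridge.
    ec2/iam are boto3-style clients (injected so this can run against fakes).
    Returns the list of actions taken, which is what you want in the Lambda log."""
    if event.get("detail-type") != "GuardDuty Finding":
        return ["ignored: not a GuardDuty finding"]
    finding = event["detail"]
    severity = float(finding.get("severity", 0))
    if severity < severity_threshold:
        return [f"ignored: severity {severity} below {severity_threshold}"]
    fid = finding.get("id", "unknown-finding")
    resource = finding.get("resource", {})
    actions = []

    if resource.get("resourceType") == "Instance":
        iid = resource["instanceDetails"]["instanceId"]
        # 1. Preserve evidence before changing anything: snapshot every EBS volume.
        desc = ec2.describe_instances(InstanceIds=[iid])
        volumes = [m["Ebs"]["VolumeId"]
                   for r in desc.get("Reservations", []) for inst in r.get("Instances", [])
                   for m in inst.get("BlockDeviceMappings", []) if "Ebs" in m]
        for vol in volumes:
            ec2.create_snapshot(VolumeId=vol, Description=f"forensics {fid} {iid}")
            actions.append(f"snapshot {vol}")
        # 2. Contain: replace all security groups with the quarantine group. The
        #    instance keeps running so memory can still be acquired by the IR team.
        ec2.modify_instance_attribute(InstanceId=iid, Groups=[QUARANTINE_SG])
        ec2.create_tags(Resources=[iid], Tags=[{"Key": "Quarantined", "Value": fid}])
        actions.append(f"quarantined {iid}")

    elif resource.get("resourceType") == "AccessKey":
        key = resource["accessKeyDetails"]
        if key.get("userType") == "IAMUser":
            # Deactivate rather than delete: the key id stays available for the investigation.
            iam.update_access_key(UserName=key["userName"], AccessKeyId=key["accessKeyId"], Status="Inactive")
            actions.append(f"deactivated {key['accessKeyId']} ({key['userName']})")
        else:
            # Temporary credentials from a role session cannot be deactivated by key
            # id; the role's sessions have to be revoked, which is left to a human here.
            actions.append(f"escalate: {key.get('userType')} credentials {key.get('accessKeyId')}")
    else:
        actions.append(f"escalate: no playbook for resourceType {resource.get('resourceType')}")
    return actions


def lambda_handler(event, context):
    import boto3  # imported here so the logic above stays importable without boto3
    return handle_finding(event, boto3.client("ec2"), boto3.client("iam"))


class FakeClient:
    """Records calls instead of making them (stand-in for boto3 clients in tests)."""

    def __init__(self, **canned):
        self.calls, self._canned = [], canned

    def __getattr__(self, api):
        def call(**kwargs):
            self.calls.append((api, kwargs))
            return self._canned.get(api, {})
        return call


# Constructed events in the shape EventBridge delivers GuardDuty findings (not real findings).
INSTANCE_FINDING = {"detail-type": "GuardDuty Finding", "detail": {
    "id": "finding-0001", "severity": 8.0, "type": "UnauthorizedAccess:EC2/SSHBruteForce",
    "resource": {"resourceType": "Instance", "instanceDetails": {"instanceId": "i-0123456789abcdef0"}}}}
KEY_FINDING = {"detail-type": "GuardDuty Finding", "detail": {
    "id": "finding-0002", "severity": 7.5, "type": "UnauthorizedAccess:IAMUser/MaliciousIPCaller",
    "resource": {"resourceType": "AccessKey", "accessKeyDetails": {
        "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "ci-deployer", "userType": "IAMUser"}}}}

if __name__ == "__main__":
    ec2 = FakeClient(describe_instances={"Reservations": [{"Instances": [
        {"BlockDeviceMappings": [{"DeviceName": "/dev/xvda", "Ebs": {"VolumeId": "vol-0abc"}}]}]}]})
    iam = FakeClient()
    print(handle_finding(INSTANCE_FINDING, ec2, iam))
    print(handle_finding(KEY_FINDING, ec2, iam))
```

The order of operations is the point the exam likes to probe: evidence first (snapshot), then containment (security group swap), and never termination from an automated path. The Lambda's own role needs only ec2:DescribeInstances, ec2:CreateSnapshot, ec2:ModifyInstanceAttribute, ec2:CreateTags and iam:UpdateAccessKey, scoped to the accounts the EventBridge rule feeds it from.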

Domain 3: Infrastructure Security (18%)

  • AWS VPC — Security Groups, NACLs, VPC endpoints (Gateway & Interface/PrivateLink), VPC Flow Logs, VPC peering, Transit Gateway.
  • AWS Network Firewall — Stateful/stateless inspection, IDS/IPS, Suricata-compatible rules, centralized deployment via Firewall Manager.
  • AWS WAF — Web ACLs, managed rule groups, rate-based rules, Bot Control, Fraud Control (Account Takeover/Creation), IP reputation lists.
  • Network Firewall vs WAF vs Security Groups vs NACLs — Understanding when to use each layer.
  • Network Firewall vs Gateway Load Balancer — Choosing between AWS-managed and third-party appliances.
  • AWS Verified Access — Zero-trust access to corporate applications without VPN, evaluating requests against security policies in real-time.
  • AWS Firewall Manager — Centrally configure WAF, Shield Advanced, Security Groups, Network Firewall, and DNS Firewall rules across Organizations.
  • AWS Shield & Shield Advanced — DDoS protection for CloudFront, Route 53, ALB, and Global Accelerator.
  • AWS VPN — Site-to-site VPN, IPSec encryption, VPN over Direct Connect.

Domain 4: Identity and Access Management (20%)

  • AWS IAM Overview — Users, groups, roles, and policy evaluation logic.
  • IAM Access Management — Identity-based policies, resource-based policies, permission boundaries, session policies.
  • IAM Roles — Cross-account access, service roles, role chaining, confused deputy protection.
  • IAM Federation — SAML 2.0, OIDC, custom identity brokers.
  • IAM Best Practices — Least privilege, MFA enforcement, credential rotation.
  • Amazon Verified Permissions — Fine-grained authorization using Cedar policy language, supporting RBAC and ABAC models, integrating with Cognito and API Gateway.
  • IAM Identity Center (formerly SSO) — Centralized workforce identity management for multi-account access with SAML 2.0 and SCIM provisioning.
  • Amazon Cognito — User Pools for authentication, Identity Pools for temporary AWS credentials.
  • AWS Organizations — SCPs, Resource Control Policies (RCPs), Declarative Policies, AI service opt-out policies.
  • IAM Access Analyzer — External access findings, unused access findings, custom policy checks, and policy generation based on access activity.

Domain 5: Data Protection (18%)

  • AWS KMS — Key policies, grants, multi-region keys, imported key material, External Key Store (XKS), the kms:ViaService condition key.
  • Envelope Encryption — A data key generated and wrapped by a KMS key (GenerateDataKey) encrypts the payload locally; only the small wrapped data key goes through KMS, which is what makes large-data encryption practical.
  • S3 Encryption — SSE-S3, SSE-KMS, SSE-C, client-side encryption, bucket keys, default encryption.
  • S3 Security — Bucket policies, ACLs, Block Public Access, Access Points, Object Lock.
  • AWS Certificate Manager (ACM) — Public/private certificates, Private CA for internal resources, cross-region certificate management.
  • AWS Secrets Manager — Automatic rotation, cross-region replication, comparison with Parameter Store.
  • Inter-node Encryption — Amazon EMR (in-transit encryption), EKS (pod-to-pod with service mesh), SageMaker (inter-container training encryption), Nitro enclaves.
  • Data Masking — CloudWatch Logs data protection policies for masking PII/PHI, Amazon SNS message data protection for filtering sensitive data in messages.
  • Amazon Bedrock Guardrails — Content filters, denied topics, word filters, sensitive information filters (PII), contextual grounding checks for GenAI security.

Domain 6: Security Foundations & Governance (14%)

  • AWS Organizations — Multi-account strategy, OU structure, consolidated billing.
  • AWS Control Tower — Landing zone setup, guardrails (preventive, detective, proactive).
  • AWS Config — Configuration recording, managed/custom rules, conformance packs, remediation.
  • AWS RAM — Secure cross-account resource sharing within Organizations.
  • AWS Audit Manager — Automated evidence collection, prebuilt frameworks (SOC 2, PCI DSS, GDPR).
  • AWS Artifact — On-demand access to compliance reports and agreements.
  • CloudTrail — Organization trails, log file integrity validation, integration with Security Lake.

SCS-C03 Practice Questions

Test your readiness with these sample questions covering new SCS-C03 topics:

Question 1 — GenAI Security (Domain 5)

A company uses Amazon Bedrock to power a customer-facing chatbot. The security team needs to prevent the model from generating content about competitors, block personally identifiable information (PII) in responses, and log all denied requests. Which combination of actions should the security engineer take? (Choose TWO)

  A. Create a Bedrock Guardrail with denied topics for competitor names and enable the sensitive information filter for PII detection.
  B. Use an AWS WAF web ACL with custom rules to inspect Bedrock API request/response bodies.
  C. Configure CloudTrail data events for Bedrock model invocations and create a CloudWatch metric filter for guardrail interventions.
  D. Deploy a Lambda@Edge function on CloudFront to scan all responses for PII before delivery.
  E. Enable Bedrock model access logging to S3 and use Macie to scan the logs for PII.

Correct: A, C

Explanation: Bedrock Guardrails (A) provide native content filtering with denied topics and sensitive information filters for PII — this is the purpose-built solution for controlling model outputs. CloudTrail data events with CloudWatch metric filters (C) provide the logging and alerting for denied requests. WAF (B) operates at the HTTP layer and cannot inspect Bedrock model response content. Lambda@Edge (D) doesn’t have access to Bedrock API responses. Macie (E) discovers PII in S3 objects but doesn’t prevent PII in real-time responses.

Question 2 — Verified Permissions & Cedar (Domain 4)

A SaaS application needs fine-grained authorization where users can access only their own documents, and managers can access documents of all team members. The authorization decisions must be evaluated in under 10ms and support both role-based and attribute-based access control. Which solution meets these requirements?

  A. Write IAM policies with conditions for each user and attach them to Cognito Identity Pool roles.
  B. Use Amazon Verified Permissions with Cedar policies that define role-based rules for managers and attribute-based rules matching document owner to the requesting user.
  C. Deploy a custom authorization Lambda function that queries DynamoDB for user-document mappings on each request.
  D. Use API Gateway resource policies with IAM conditions to restrict document access based on the caller’s identity.

Correct: B

Explanation: Amazon Verified Permissions is purpose-built for fine-grained application authorization using the Cedar policy language. It supports both RBAC (role-based — managers can access team documents) and ABAC (attribute-based — users can access their own documents) in a single policy store with low-latency evaluation. IAM policies (A) are for AWS resource access, not application-level authorization. A custom Lambda (C) adds complexity and may not meet 10ms latency. API Gateway resource policies (D) are coarse-grained and don’t support per-document authorization.
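The document/team case from this question and the Domain 4 topic list, as an added example (not code from the page or from AWS): the two Cedar policies, the entity records Verified Permissions needs to evaluate them, the is_authorized request they go into, and a local stand-in that mirrors the decision for illustration. The user names, the policy store id and the directory are constructed.

```python
# Cedar policies as you would store them in the policy store (static policies).
CEDAR_POLICIES = '''
// ABAC: a user may read a document they own
permit (
    principal,
    action == Action::"ReadDocument",
    resource
) when { resource.owner == principal };

// RBAC + ABAC: anyone in the Manager role may read documents owned by
// members of their own team
permit (
    principal in Role::"Manager",
    action == Action::"ReadDocument",
    resource
) when { resource.owner.team == principal.team };
'''


def user(user_id, team, roles=()):
    """User entity: 'team' attribute for ABAC, Role parents for RBAC ('principal in Role::...')."""
    return {"identifier": {"entityType": "User", "entityId": user_id},
            "attributes": {"team": {"string": team}},
            "parents": [{"entityType": "Role", "entityId": r} for r in roles]}


def document(doc_id, owner_id):
    return {"identifier": {"entityType": "Document", "entityId": doc_id},
            "attributes": {"owner": {"entityIdentifier": {"entityType": "User", "entityId": owner_id}}},
            "parents": []}


def is_authorized_request(policy_store_id, principal_id, doc_id, entities):
    """Keyword arguments for verifiedpermissions.is_authorized(). The entity list
    must include the owner as well, because the second policy dereferences
    resource.owner.team; an entity the service cannot find evaluates to no match."""
    return {"policyStoreId": policy_store_id,
            "principal": {"entityType": "User", "entityId": principal_id},
            "action": {"actionType": "Action", "actionId": "ReadDocument"},
            "resource": {"entityType": "Document", "entityId": doc_id},
            "entities": {"entityList": entities}}


def local_decision(request):
    """Offline mirror of the two policies above for demonstration only; Cedar is
    default-deny, so the answer is DENY unless a permit matches. Not a Cedar engine."""
    ents = {(e["identifier"]["entityType"], e["identifier"]["entityId"]): e
            for e in request["entities"]["entityList"]}
    principal = ents[("User", request["principal"]["entityId"])]
    doc = ents[("Document", request["resource"]["entityId"])]
    owner_ref = doc["attributes"]["owner"]["entityIdentifier"]
    owner = ents[(owner_ref["entityType"], owner_ref["entityId"])]
    if request["action"]["actionId"] != "ReadDocument":
        return "DENY"
    if owner_ref["entityId"] == principal["identifier"]["entityId"]:
        return "ALLOW"  # policy 1: resource.owner == principal
    is_manager = any(p == {"entityType": "Role", "entityId": "Manager"} for p in principal["parents"])
    if is_manager and owner["attributes"]["team"]["string"] == principal["attributes"]["team"]["string"]:
        return "ALLOW"  # policy 2: principal in Role::"Manager" and same team as the owner
    return "DENY"


# Constructed directory: alice and bob are engineers, bob is a manager; carol manages sales.
ENTITIES = [user("alice", "engineering"), user("bob", "engineering", roles=("Manager",)),
            user("carol", "sales", roles=("Manager",)), user("dave", "engineering"),
            document("doc-1", "alice")]


def decide(principal_id, doc_id="doc-1"):
    return local_decision(is_authorized_request("PSEXAMPLE", principal_id, doc_id, ENTITIES))


if __name__ == "__main__":
    for who in ("alice", "bob", "carol", "dave"):
        print(who, decide(who))
```

In production the call is boto3.client("verifiedpermissions").is_authorized(**is_authorized_request(...)), which returns a decision of ALLOW or DENY together with the determining policies; with Cognito as the identity source, is_authorized_with_token takes the user's token and supplies the principal and its attributes from the token claims instead of the caller building them.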

Question 3 — Security Lake & OCSF (Domain 1)

A security operations team needs to centralize security findings from GuardDuty, Security Hub, CloudTrail, and VPC Flow Logs across 50 AWS accounts into a single queryable data store using a standardized schema. Third-party SIEM tools must be able to consume this data. Which approach meets these requirements with the LEAST operational overhead?

  A. Configure each account to send findings to a centralized S3 bucket using EventBridge rules, then use Athena for querying.
  B. Enable Amazon Security Lake as a delegated administrator in the Organizations management account, which automatically collects and normalizes data to OCSF format and provides subscriber access for third-party tools.
  C. Deploy a Kinesis Data Firehose in each account to stream logs to a central OpenSearch cluster with custom parsing rules.
  D. Use CloudTrail Lake with organization-level event data stores for all accounts and grant third-party tools direct query access.

Correct: B

Explanation: Amazon Security Lake automatically collects security data from multiple sources (GuardDuty and Security Hub findings, CloudTrail, VPC Flow Logs, Route 53 resolver query logs, S3 and Lambda data events, EKS audit logs), normalizes it to the Open Cybersecurity Schema Framework (OCSF), and stores it in a purpose-built data lake. It supports subscriber access for third-party SIEM tools with minimal operational overhead. Option A requires custom schema normalization. Option C adds significant operational complexity. Option D (CloudTrail Lake) is built around CloudTrail and Config events and does not natively collect VPC Flow Logs or GuardDuty findings.

Question 4 — Inter-node Encryption (Domain 5)

A company runs distributed machine learning training jobs on Amazon SageMaker AI using multiple instances. The compliance team requires that all data transmitted between training instances during distributed training is encrypted in transit. How should the security engineer meet this requirement?

  A. Deploy the training instances in a private subnet with a security group that only allows HTTPS traffic between instances.
  B. Enable inter-container traffic encryption in the SageMaker training job configuration.
  C. Configure a VPN connection between each training instance using AWS Site-to-Site VPN.
  D. Use AWS PrivateLink endpoints for all communication between SageMaker training instances.

Correct: B

Explanation: SageMaker AI provides a native inter-container traffic encryption option that encrypts all data transmitted between training instances during distributed training. This is enabled via the EnableInterContainerTrafficEncryption parameter in the training job configuration. Security groups (A) control traffic flow but don’t encrypt it. Site-to-Site VPN (C) is for on-premises to AWS connectivity. PrivateLink (D) is for accessing AWS services privately, not for inter-instance communication within a training job.
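The parameter named above, as an added Python example that is not part of the original page: a helper that builds boto3 CreateTrainingJob parameters with the option enabled, and an offline audit of DescribeTrainingJob-shaped records that flags distributed jobs missing it. The sample records are constructed, and the role, image, bucket and instance type values are placeholders.

```python
"""Check SageMaker training jobs for inter-container traffic encryption.

Added example, not from the original page; the sample job descriptions below
are constructed, not real DescribeTrainingJob output.
"""
from typing import Any, Dict, List

def training_job_request(name: str, role_arn: str, image_uri: str,
                         instance_count: int) -> Dict[str, Any]:
    """Minimal CreateTrainingJob kwargs; pass as sagemaker.create_training_job(**req)."""
    return {
        "TrainingJobName": name,
        "RoleArn": role_arn,
        "AlgorithmSpecification": {"TrainingImage": image_uri,
                                   "TrainingInputMode": "File"},
        "ResourceConfig": {"InstanceType": "ml.p4d.24xlarge",
                           "InstanceCount": instance_count,
                           "VolumeSizeInGB": 100},
        "OutputDataConfig": {"S3OutputPath": "s3://example-bucket/output/"},
        "StoppingCondition": {"MaxRuntimeInSeconds": 3600},
        # Encrypts traffic between instances during distributed training.
        "EnableInterContainerTrafficEncryption": True,
    }

def audit_training_job(job: Dict[str, Any]) -> List[str]:
    """Return findings for one DescribeTrainingJob-style description."""
    name = job.get("TrainingJobName", "<unknown>")
    count = job.get("ResourceConfig", {}).get("InstanceCount", 1)
    # A single instance has no inter-instance traffic to protect.
    if count > 1 and not job.get("EnableInterContainerTrafficEncryption", False):
        return [f"{name}: {count} instances without EnableInterContainerTrafficEncryption"]
    return []

def audit_all(jobs: List[Dict[str, Any]]) -> List[str]:
    """Flatten findings across many job descriptions."""
    return [f for job in jobs for f in audit_training_job(job)]

# Constructed sample descriptions (not real API output).
SAMPLE_JOBS = [
    {"TrainingJobName": "dist-encrypted", "ResourceConfig": {"InstanceCount": 4},
     "EnableInterContainerTrafficEncryption": True},
    {"TrainingJobName": "dist-plaintext", "ResourceConfig": {"InstanceCount": 4}},
    {"TrainingJobName": "single-node", "ResourceConfig": {"InstanceCount": 1}},
]

if __name__ == "__main__":
    for finding in audit_all(SAMPLE_JOBS):
        print(finding)
```

In a real account, feed `audit_all` the `describe_training_job` responses for each job name returned by `list_training_jobs`.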

Question 5 — Verified Access & Zero Trust (Domain 3)

A company wants to provide remote employees access to internal web applications without requiring a VPN. Access must be granted based on the user’s identity (from the corporate IdP), device security posture, and the specific application being accessed. All access decisions must be logged. Which solution meets these requirements?

  A. Deploy an Application Load Balancer with OIDC authentication action rules that validate tokens from the corporate IdP.
  B. Configure AWS Client VPN with certificate-based mutual authentication and posture assessment.
  C. Set up AWS Verified Access with trust providers for the corporate IdP and a device management solution, create access policies per application, and enable access logs.
  D. Use Amazon CloudFront with Lambda@Edge functions that validate JWT tokens and check device certificates.

Correct: C

Explanation: AWS Verified Access provides zero-trust network access to corporate applications without a VPN. It evaluates each request against access policies using trust providers (identity providers for user identity and device management solutions for device posture). Access logs capture all authorization decisions. ALB with OIDC (A) validates identity but doesn’t assess device posture or provide zero-trust per-request evaluation. Client VPN (B) contradicts the no-VPN requirement. CloudFront with Lambda@Edge (D) requires custom development and doesn’t natively integrate with device posture providers.

Exam Day Tips

  • Time management: 170 minutes for 65 questions = ~2.5 minutes per question. Ordering and matching questions take longer — budget 3–4 minutes for those.
  • Mark and move: Flag difficult questions and return after completing all others.
  • Elimination strategy: On multi-choice questions, eliminate 2 obviously wrong answers first, then focus on the remaining 2.
  • Read carefully: Questions have significant prose. Identify the key requirement (cost, security, least operational overhead) before evaluating answers.
  • Ordering questions: Think about logical dependencies — what must happen before what? E.g., you must isolate before you investigate.
  • Online exam: Join 30 minutes early. Clear your desk. No external monitors, phones, or watches.
  • ESL accommodation: Request 30 extra minutes if English is not your first language.

All the best! 🎯

Frequently Asked Questions

What is the AWS SCS-C03 exam?

The AWS Certified Security – Specialty (SCS-C03) is an advanced certification for security professionals. It has 65 questions over 170 minutes, requires 750/1000 to pass, costs $300, and covers 6 domains: Detection, Incident Response, Infrastructure Security, IAM, Data Protection, and Security Foundations.

What changed from SCS-C02 to SCS-C03?

Key changes include: GenAI security topics (Bedrock Guardrails, OWASP LLM Top 10), OCSF/Security Lake integration, IAM weight increased from 16% to 20%, new services (Verified Access, Verified Permissions), inter-node encryption, SNS data protection, and domain restructuring (Detection + Incident Response split).

How long should I study for SCS-C03?

With 2+ years of AWS security experience, 8-10 weeks of dedicated study is recommended. Focus on hands-on labs with IAM policies, KMS, GuardDuty, Security Hub, and the new GenAI security features in Bedrock.