Amazon Web Services

AWS Security – Specialty

AWS Certified Security – Specialty (SCS-C02)

AWS's specialty certification validating expertise in securing AWS workloads, covering threat detection, logging, infrastructure security, IAM, and data protection. Valued for cloud security engineer roles.

$300170 minutes

What's on the exam

SCS-C02 Exam Guide

Threat Detection and Incident Response

14%

Incident response plans · GuardDuty and threat detection · Automated remediation · Forensics and investigation · Containment strategies

Security Logging and Monitoring

18%

CloudTrail and CloudWatch · Log design and analysis · Monitoring and alerting · AWS Config and Security Hub · Troubleshooting logging

Infrastructure Security

20%

Edge and network security · VPC security controls · Compute and endpoint security · WAF, Shield, and Firewall Manager · Secure network architecture

Identity and Access Management

16%

IAM authentication and authorization · Federation and identity providers · Resource and policy design · Least-privilege strategies · Troubleshooting access

Data Protection

18%

Encryption at rest and in transit · AWS KMS and CloudHSM key management · Secrets management · Data lifecycle and retention · Certificate management

Management and Security Governance

14%

Multi-account governance · AWS Organizations and SCPs · Cost and compliance controls · Secure account provisioning · Centralized security management

Frequently asked questions

How much does the AWS Security – Specialty cost?

The AWS Security – Specialty costs $300. Standard exam fee; a 50% discount voucher is issued after passing any AWS exam.

How long is the AWS Security – Specialty and how many questions does it have?

65 items (50 scored) — 170 minutes.

What do you need to pass the AWS Security – Specialty?

750 on a scale of 100–1000.

Can you retake the AWS Security – Specialty?

14-day wait between attempts.

What is the best way to study for the AWS Security – Specialty?

Study the official blueprint, not random material: the exam is weighted by domain (Threat Detection and Incident Response 14%, Security Logging and Monitoring 18%, Infrastructure Security 20%, Identity and Access Management 16%, Data Protection 18%, Management and Security Governance 14%). Spaced-repetition flashcards built domain-by-domain against that blueprint are the most time-efficient way to cover everything the exam tests.

Program in development

We're building a blueprint-complete program for this exam. Meanwhile, explore live programs across 11 exam.

Explore programs →

At a glance

Format: Multiple-choice and multiple-response questions
Questions: 65 items (50 scored)
Duration: 170 minutes
Passing: 750 on a scale of 100–1000
Eligibility: No prerequisites; AWS recommends 3–5 years of security experience and 2+ years securing AWS workloads
Validity / renewal: 3 years — renewable by recertification
Where you take it: Pearson VUE test centers or online proctored
Retake policy: 14-day wait between attempts
Cost: $300 — Standard exam fee; a 50% discount voucher is issued after passing any AWS exam

Official sources

AWS Certified Security – Specialty (SCS-C02) Exam Guide ↗

Fees, policies, and blueprints change — always confirm details with the official source before registering.