What is the Certified Cloud Security Practitioner – Amazon Web Services (CCSP-AWS) exam?
Certified Cloud Security Practitioner (CCSP-AWS) is an entry-level exam to test and validate a candidate’s knowledge on the core concepts of AWS cloud security.
Who should take this exam?
CCSP-AWS is intended to be taken by security engineers, security analysts, solution architects, cloud solution developers, threat analysts, penetration testers, red and blue team members and any security enthusiast, with a strong knowledge in the area of cloud security who wants to evaluate and advance their knowledge.
What is the format of the exam?
The exam includes Multiple Choice Questions (MCQs) covering the syllabus. The time duration of the exam is 60 minutes. The exam will be proctored but can be taken online, anytime (on-demand) and from anywhere. The exam will cover a variety of questions which are both factual and scenario based.
What is the pass criteria for the exam?
The pass criteria are as follows:
- Candidates scoring over 60% marks will be deemed to have successfully passed the exam.
- Candidates scoring over 75% marks will be deemed to have passed with a merit.
What is the experience needed to take the exam?
This is an entry-level exam which will validate the candidate’s understanding of core fundamentals related to the AWS cloud and related security topics. Candidates should have knowledge of common cloud security misconfigurations, best security practices, defense-in-depth measures as well as an overview of monitoring and responding against the common security threats on AWS cloud.
Note: Professional pentesting is not a requirement for this exam.
What will the candidates get?
On completing the exam, each candidate will receive:
- A certificate with their pass/fail and merit status.
- The certificate will contain a code/QR link, which can be used by anyone to validate the certificate.
What is the exam retake policy?
Candidates who fail the exam, must purchase a new exam voucher to retake the exam.
What are the benefits of this exam?
The certificate will allow candidates to demonstrate their understanding of AWS Cloud Security. This will help them to advance in their career.
The exam will cover the following topics
Authentication, Authorization and Access Control
- AWS Identity and Access Management
- AWS Cognito
- AWS Service Control Policies
- AWS Key Management Service (KMS)
- AWS Secrets Manager
- AWS Certificate Manager
Compliance and Governance
- AWS Config
- AWS Organizations
- AWS Virtual Private Cloud (VPC)
- AWS Security Group
- AWS Network ACL
Monitoring and Incident Response
- AWS CloudWatch
- AWS CloudTrail
- AWS Detective
- AWS GuardDuty
Common Security Issues Related to AWS Services
- AWS Elastic Container Services (ECS)
- AWS Elastic Kubernetes Services (EKS)
- AWS Elastic Compute Services (EC2)
- AWS Simple Storage Services (S3)
- AWS Lambda Functions
Common Application Security Attacks on AWS Cloud
- Such as:
- Broken Access Control
- Server Side Request Forgery
- SQL Injection
- Code Injection
- Best Security Practices