Last updated: May 6, 2026. Verified against official exam-owner pages, candidate handbooks, and the local Open Exam Prep taxonomy for aws-security-specialty-c03.
AWS Security Specialty SCS-C03 Exam Guide 2026 - What Changed and How to Study
SCS-C03 is not a dump-refresh of the old Security Specialty exam. AWS moved the blueprint into six domains, added ordering and matching item types, kept IAM as the heaviest domain, and expects security engineers to reason across multi-account governance, detection, incident response, infrastructure controls, data protection, and newer AI-security surfaces.
AWS says SCS-C03 validates the ability to secure AWS products and services, includes 50 scored questions plus 15 unscored questions, reports scaled scores from 100-1000, and requires a minimum passing score of 750.
| Item | 2026 detail |
|---|---|
| Credentialing body | Amazon Web Services (AWS) |
| Exam code | SCS-C03 |
| Exam format | 65 questions: 50 scored and 15 unscored |
| Time limit | 170 minutes |
| Passing score | 750 on a 100-1000 scale |
| Question types | Multiple choice, multiple response, ordering, and matching |
| Testing | Pearson VUE test center or online proctoring |
What the Exam Is Really Testing
| Priority area | Weight | What to master |
|---|---|---|
| Identity and Access Management | 20% | IAM, federation, Identity Center, STS, ABAC, SCPs, permission boundaries, resource policies, and Cognito. |
| Infrastructure Security | 18% | VPC controls, WAF, Shield, Network Firewall, CloudFront, endpoints, PrivateLink, and secure connectivity. |
| Data Protection | 18% | KMS, CloudHSM, Secrets Manager, ACM, Macie, encryption patterns, S3 data security, and Bedrock/GenAI controls. |
| Detection | 16% | CloudTrail, CloudWatch, Config, GuardDuty, Security Hub, Inspector, Detective, Security Lake, and centralized logging. |
| Incident Response | 14% | Preparation, playbooks, forensics, containment, automated remediation, and root-cause analysis. |
| Security Foundations and Governance | 14% | Well-Architected Security Pillar, Organizations, Control Tower, Audit Manager, Artifact, and compliance evaluation. |
How to Study Without Wasting Time
- Start with IAM because it is the largest domain and because almost every SCS-C03 scenario includes a permission boundary, SCP, resource policy, session policy, trust policy, or cross-account access decision.
- Build hands-on labs around detection and response: GuardDuty to EventBridge, Security Hub findings, CloudTrail Lake queries, Inspector findings, Config rules, and SSM Automation containment.
- Do not ignore new item types. Ordering and matching questions reward knowing the sequence of incident response, policy evaluation, KMS key design, and centralized logging rollout.
The useful sequence is simple: read the official source, convert each domain into decisions you must make on the job, then use practice questions to expose weak reasoning. If a missed question only teaches you a definition, review it once. If it exposes a workflow mistake, rebuild the whole decision chain.
Free Practice Path on Open Exam Prep
Use the free SCS-C03 practice set after reading the official AWS exam guide line by line; every miss should map back to a domain task statement and an AWS service decision.
Official Sources to Keep Open
- AWS SCS-C03 Exam Guide
- AWS Certified Security - Specialty Certification Page
- AWS Certification FAQs
- AWS Security Reference Architecture
- AWS Skill Builder
Use these official pages to verify eligibility, fees, scheduling, testing windows, content outlines, and renewal rules before you pay for an exam. Commercial prep pages can be helpful, but official exam-owner material is the source of truth.
Final Readiness Checklist
- You can explain the exam format, timing, scoring model, and eligibility route without looking them up.
- You can name the highest-weight domains and explain why those domains matter in real work.
- You can answer mixed practice questions without knowing which domain is coming next.
- You can explain every wrong answer in terms of a rule, workflow, or safety decision.
- You know where the official handbook and content outline live, and you have checked them before scheduling.
Buy on Amazon