Real exam simulation with countdown timer.
65 questions · 170-minute exam format · opens existing quiz flow
SCS-C02 Mock Exam Questions (Page 1 of 3)
Preview the questions first, then start in timed or study mode.
- Question #1Domain 1
An AWS environment has been compromised. GuardDuty raises a finding of type 'UnauthorizedAccess:IAMUser/MaliciousIPCaller'. The IR team wants to immediately prevent the compromised IAM user from making further API calls without deleting the user. Which action should they take first?
- Question #2Domain 1
A security analyst receives a GuardDuty finding that an EC2 instance is communicating with a cryptocurrency mining pool. As part of incident response, the analyst must preserve forensic evidence. Which FIRST step maintains evidence integrity?
- Question #3Domain 1
A company wants to centralize security findings from multiple AWS accounts and services (GuardDuty, Inspector, Macie, Config) into a single pane of glass. Which AWS service provides this centralized aggregation?
- Question #4Domain 1
After a security incident, a forensics team needs to reconstruct the sequence of API calls made by a compromised IAM role over the past 30 days. Which service provides this complete API activity history?
- Question #5Domain 2
A company needs to monitor for configuration changes to AWS resources and receive alerts when critical resources like security groups or IAM policies are modified. Which service detects and records these configuration changes?
- Question #6Domain 2
A security team wants to alert whenever the root account is used to make API calls. Which combination detects and alerts on this?
- Question #7Domain 2
A company stores application logs in Amazon S3. The security team needs to detect when sensitive data (credit card numbers, SSNs) is accidentally written to these log buckets. Which AWS service provides automated PII detection?
- Question #8Domain 2
A company requires that all VPC network traffic metadata be retained for 1 year at minimal cost for compliance auditing. Which approach achieves the best cost-performance balance?
- Question #9Domain 3
A company's web application is being targeted by a large-scale Layer 7 HTTP flood DDoS attack. Which AWS service provides intelligent Layer 7 DDoS protection with custom rules to mitigate this attack?
- Question #10Domain 3
A company deploys applications on Amazon EC2. Developers need SSH access to instances for debugging. The security team wants to eliminate bastion hosts and remove the need for port 22 to be open. Which solution achieves this?
What's Included
Domain Coverage
Our mock exam covers all 6 SCS-C02 domains in proportions that match the real exam.
Frequently Asked Questions
How many questions are on the SCS-C02 exam?
The SCS-C02 exam has 65 questions to be completed in 170 minutes.
What is the passing score for SCS-C02?
The passing score is 750 out of 1000 on a scaled scoring system (100–1000 range).
Is this mock exam free?
Yes, this mock exam is completely free with unlimited retakes. Each attempt draws from our 500+ question bank with randomized order.
How realistic is this practice exam?
Our mock exam mirrors the real SCS-C02 experience: same question count (65), same time limit (170 min), same passing threshold (750/1000), and coverage across all 6 domains.