AWS Network Firewall
Objective 1.3 · Secure Architectures
Amazon Macie for S3 Data Discovery
Objective 1.4 · Secure Architectures
AWS KMS and Encryption Strategies
Objective 1.2 · Secure Architectures
AWS WAF and Shield
Objective 1.3 · Secure Architectures
AWS IAM Advanced: Roles, Policies, STS
Objective 1.1 · Secure Architectures
VPC Security: Security Groups, NACLs, Flow Logs
Objective 1.1 · Secure Architectures
Secrets Manager vs Parameter Store
Objective 1.2 · Secure Architectures
Service Control Policies and AWS Organizations
Objective 1.4 · Secure Architectures
S3 Security: Bucket Policies, ACLs, Encryption
Objective 1.5 · Secure Architectures
IAM Policy Types: Identity, Resource, Permission Boundary, SCP
Objective 1.1 · Secure Architectures
IAM Cross-Account Role Assumptions
Objective 1.1 · Secure Architectures
IAM Permission Boundaries
Objective 1.1 · Secure Architectures
AWS IAM Identity Center (SSO) and SAML Federation
Objective 1.1 · Secure Architectures
AWS Directory Service: AD Connector vs Managed AD
Objective 1.1 · Secure Architectures
Amazon Cognito User Pools and Identity Pools
Objective 1.1 · Secure Architectures
STS: AssumeRole, GetSessionToken, and Web Identity
Objective 1.1 · Secure Architectures
Cross-Account S3 Access Patterns
Objective 1.5 · Secure Architectures
S3 Pre-Signed URLs and Access Points
Objective 1.5 · Secure Architectures
S3 Bucket Policies vs ACLs
Objective 1.5 · Secure Architectures
S3 Encryption: SSE-S3, SSE-KMS, SSE-C, Client-Side
Objective 1.2 · Secure Architectures
S3 Object Lock and WORM Compliance
Objective 1.5 · Secure Architectures
KMS Key Policies and Grants
Objective 1.2 · Secure Architectures
Customer Managed Keys vs AWS Managed Keys vs Customer Provided
Objective 1.2 · Secure Architectures
AWS CloudHSM vs AWS KMS
Objective 1.2 · Secure Architectures
Secrets Manager Automatic Rotation
Objective 1.2 · Secure Architectures
Parameter Store Advanced Tiers and SecureString
Objective 1.2 · Secure Architectures
AWS Certificate Manager (ACM)
Objective 1.3 · Secure Architectures
AWS Shield Advanced
Objective 1.3 · Secure Architectures
AWS WAF Rule Groups and Managed Rules
Objective 1.3 · Secure Architectures
AWS Firewall Manager
Objective 1.3 · Secure Architectures
VPC Endpoints: Gateway vs Interface vs GWLB
Objective 1.1 · Secure Architectures
AWS PrivateLink for SaaS Services
Objective 1.1 · Secure Architectures
AWS Transit Gateway
Objective 1.1 · Secure Architectures
VPC Flow Logs for Security Analysis
Objective 1.1 · Secure Architectures
NACLs vs Security Groups: Deep Dive
Objective 1.1 · Secure Architectures
VPC Network Access Analyzer
Objective 1.1 · Secure Architectures
CloudTrail Advanced: Multi-Region, Integrity, Organization Trail
Objective 1.4 · Secure Architectures
AWS Config Rules and Conformance Packs
Objective 1.4 · Secure Architectures
AWS Security Hub
Objective 1.4 · Secure Architectures
Amazon GuardDuty
Objective 1.4 · Secure Architectures
Amazon Inspector v2
Objective 1.4 · Secure Architectures
Amazon Detective
Objective 1.4 · Secure Architectures
AWS Resource Access Manager (RAM)
Objective 1.4 · Secure Architectures
AWS Organizations: OUs, SCPs, and Hierarchy
Objective 1.4 · Secure Architectures
AWS Control Tower and Landing Zone
Objective 1.4 · Secure Architectures
AWS Audit Manager
Objective 1.4 · Secure Architectures
ECR Image Scanning and Lifecycle Policies
Objective 1.5 · Secure Architectures
Free SAA-C03 practice questions with full explanations. Test what you learn chapter by chapter.
SAA-C03 Practice Questions