AWS Secure Builder Micro-Credential

This AWS Secure Builder Micro-Credential validates competency in securing and managing AWS environments, covering key areas such as the shared responsibility model, identity and access management, CI/CD pipeline security, and workload hardening. Candidates will demonstrate their understanding of monitoring solutions, how to mitigate attack vectors, and apply incident response best practices. The exam also emphasizes zero trust principles and supply chain security to ensure a resilient AWS infrastructure.

The AWS Secure Builder Micro-Credential is currently available for presale and can only be purchased in conjunction with an affiliated course purchase.

Areas Covered

Implementing AWS IAM best practices and secure access controls.
Building and securing AWS CICD pipelines and avoiding misconfigurations.
Hardening AWS workloads
Implementing security monitoring, logging, and alerting tools within an AWS environment
Defending against supply chain attacks using zero trust principles along with vendor reliance and onboarding processes.

Who is the Micro-Credential for?

Professionals aiming to validate their competency in AWS cloud security and operational best practices.
Individuals seeking roles in cloud architecture, security operations, or DevSecOps.
Practitioners looking to enhance their ability to secure and manage workloads in AWS environments.

Exam Format

50 questions
2 hours

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

Exam Objectives & Outcome Statements

Cloud Security and Shared Responsibility

The candidate will demonstrate an understanding of the shared responsibility model, the difference between cloud and on-premises security, AWS security architecture, compliance requirements, and how to apply effective security controls.

Identification and Authorization

The candidate will demonstrate an understanding of how to implement AWS IAM best practices, use AWS IAM tools, troubleshoot authentication issues, and apply secure access controls.

Continuous Integration Continuous Delivery (CICD)

The candidate will demonstrate an understanding of Continuous Integration Continuous Delivery (CICD) pipelines in AWS as well as deployment automation, security tool integration and how to avoid common misconfigurations.

Workload and Service Hardening

The candidate will demonstrate an understanding of AWS workload hardening techniques for services such as API Gateway, S3, EC2 and RDS as well as how to resolve misconfigurations of each.

Security Monitoring

The candidate will demonstrate an understanding of how to implement security monitoring within an AWS environment using logging as well as monitoring and alerting tools.

Exposure and Attack Vectors

The candidate will demonstrate an understanding of how to identify points of exposure and attack vectors against an AWS environment using open-source intelligence. They will also demonstrate an understanding of how to reduce the attack surface.

Incident Response

The candidate will demonstrate an understanding of the six-step incident response process as well as how to implement best practices with incident response roles, playbooks and technology.

Trust, Control, and the Supply Chain

The candidate will demonstrate an understanding of zero trust principles along with vendor reliance and onboarding processes to defend against supply chain attacks.

Other Resources

Training is available in OnDemand.
Practical work experience can help ensure that you have mastered the skills necessary for certification.
College level courses or self-paced study through another program or materials may meet the needs for mastery.
Get information about the procedure to contest exam results.

Practice Tests

1 Practice Test is included with your purchase, no additional Practice Tests are available for purchase.
These tests are a simulation of the real exam allowing you to become familiar with the test engine and style of questions.
Practice exams are a gauge to determine if your preparation methods are sufficient.
The practice bank questions are limited so you may encounter the same question on practice tests when multiple practice tests are purchased.
Practice exams never include actual exam questions.