Roadmap de préparation — AWS Certified Security – Specialty (SCS-C03) Pour : Michel Date de départ : 29 avril 2026 Cible : réussir l’examen SCS-C03 (lancé décembre 2025) — 750/1000 minimum, 170 min, ~65 questions 📌 Nouveautés clés C02 → C03 IAM passe de 16 % à 20 % — c’est désormais le domaine le plus lourd (avant c’était Infrastructure Security). Detection et Incident Response sont maintenant deux domaines distincts (avant : un seul à 14 %). Nouveaux formats de questions : ordering (mettre des étapes dans l’ordre) et matching (associer des éléments). Nouveaux sujets 2026 : logging aligné OCSF (Open Cybersecurity Schema Framework) avec Security Lake, guardrails pour l’IA générative (Bedrock Guardrails, sécurité Bedrock). 1. Domaines & pondérations (SCS-C03) # Domaine Pondération 1 Detection 16 % 2 Incident Response 14 % 3 Infrastructure Security 18 % 4 Identity and Access Management 20 % ⭐ 5 Data Protection 18 % 6 Security Foundations and Governance 14 % ➡️ IAM + Data Protection + Infrastructure Security = 56 % : c’est votre cœur de cible. ➡️ Detection + Incident Response = 30 % : ne les négligez surtout pas, ils sont maintenant séparés et pèsent plus qu’avant. ...
Posts
Simple Network Management Protocol SNMP a été créé pour surveiller les périphériques réseau. Ce protocole permet également de gérer les tâches de configuration et de modifier les paramètres à distance. Pour l’empreinte SNMP, nous pouvons utiliser des outils tels que snmpwalk, onesixtyoneet braa. SnmpwalkIl permet d’interroger les OID avec leurs informations. snmpwalk -v2c -c public 10.129.14.128 snmpwalk -v2c -c backup 10.129.109.205 Community: admin manager public private backup sudo apt install onesixtyone onesixtyone -c /opt/useful/seclists/Discovery/SNMP/snmp.txt 10.129.14.128 utiliser avec braa pour forcer les OID individuels et énumérer les informations qui se cachent derrière eux ...
Etapes Configurer le controleur de Domaine (DC01) nom du domaine : nyoma.local Créer des objets utilisateur departement / OU Direction IT Finance RH Marketing Sales Support Production Nom complet Username Groupe Michel Nyobe mnyobe GG_IT_Admin Sarah Laurent slaurent GG_RH Thomas Dubois tdubois GG_Finance Julien Moreau jmoreau GG_IT_Support Clara Petit cpetit GG_Marketing Antoine Martin amartin GG_Sales Laura Bernard lbernard GG_Sales Kevin Robert krobert GG_Production Sophie Leroy sleroy GG_RH Hugo Fontaine hfontaine GG_IT_Admin Emma Rousseau erousseau GG_Finance Lucas Garnier lgarnier GG_IT_Support Inès Chevalier ichevalier GG_Marketing Nathan Girard ngirard GG_Production Camille Bonnet cbonnet GG_Direction Maxime Marchand mmarchand GG_Server_Admins Léa Dupont ldupont GG_Backup_Operators Enzo Mercier emergier GG_IT_Support Chloé Faure cfaure GG_Marketing Adam Noel anoel GG_Sales 1 compte service faible : svc-backup Mot de passe : Backup123 Groupe : GG_Backup_Operators ...
Installation du lab Active Directory Creation des VM et preparation de l’infrastructure DC01 ip : 192.168.17.136 system : windows server 2019 nom du domaine : nyom.local ![[Pasted image 20260410092015.png]] Creation des roles ACtive directory ![[Pasted image 20260410092613.png]] Creation des utilisateurs nous avons creer 20 utilisateurs OU add ![[Pasted image 20260410094759.png]] ![[Pasted image 20260410094825.png]] Enumeration AD ![[Pasted image 20260410105303.png]] PORT STATE SERVICE REASON VERSION 53/tcp open domain syn-ack ttl 128 Simple DNS Plus 88/tcp open kerberos-sec syn-ack ttl 128 Microsoft Windows Kerberos (server time: 2026-04-10 08:48:31Z) 135/tcp open msrpc syn-ack ttl 128 Microsoft Windows RPC 139/tcp open netbios-ssn syn-ack ttl 128 Microsoft Windows netbios-ssn 389/tcp open ldap syn-ack ttl 128 Microsoft Windows Active Directory LDAP (Domain: nyoma.local0., Site: Default-First-Site-Name) 445/tcp open microsoft-ds? syn-ack ttl 128 464/tcp open kpasswd5? syn-ack ttl 128 593/tcp open ncacn_http syn-ack ttl 128 Microsoft Windows RPC over HTTP 1.0 636/tcp open tcpwrapped syn-ack ttl 128 3268/tcp open ldap syn-ack ttl 128 Microsoft Windows Active Directory LDAP (Domain: nyoma.local0., Site: Default-First-Site-Name) 3269/tcp open tcpwrapped syn-ack ttl 128 3389/tcp open ms-wbt-server syn-ack ttl 128 Microsoft Terminal Services | ssl-cert: Subject: commonName=DC01.nyoma.local | Issuer: commonName=DC01.nyoma.local | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2026-01-28T18:25:20 | Not valid after: 2026-07-30T18:25:20 | MD5: 2c2b:1e0c:36e6:d8de:d745:a6a9:5c6e:27a1 | SHA-1: e1fe:cdb0:a017:979d:41cb:b54a:8631:585a:ada8:539d | -----BEGIN CERTIFICATE----- | MIIC5DCCAcygAwIBAgIQWqkwZyg4GKBMLpqewwiuHzANBgkqhkiG9w0BAQsFADAb | MRkwFwYDVQQDExBEQzAxLm55b21hLmxvY2FsMB4XDTI2MDEyODE4MjUyMFoXDTI2 | MDczMDE4MjUyMFowGzEZMBcGA1UEAxMQREMwMS5ueW9tYS5sb2NhbDCCASIwDQYJ | KoZIhvcNAQEBBQADggEPADCCAQoCggEBALUaWl3/3aL9SD50lKCaDKBCTbWYPrEj | TAiEDNR2MJy1kE/Yy8UDan2FP+O8ThgocCYioXZODNINQuTq7mWzO7HtyRTYagRq | 2YeXfO/rdkPuSe696N/n9y8KwFoBcwYd1iACogIRr2zGDKhMvXPJjaqt4LsRgCPQ | UFenrbh5EMnsgMEQzXZeTufkBGFn60dewdhh9dHWXnJnl1LpOB5YY82RZoQLAFqi | Md4/tpWxTxdjOMkjt4DOOQcML6NcjWK5BstXk87PE/sDpZGsoYbs5CweS0fbNwG2 | 9NIlTeeUhaeuDQxNpzznPiCTvS9fGOzpbO2I4ZUwpmBePWnv7gUwwOECAwEAAaMk | MCIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgQwMA0GCSqGSIb3DQEB | CwUAA4IBAQCgR1WmKEJaLIhCCWoDT99ab3qcwPMqR6/CaJ2SEWgHmA46JsF9Jrwi | zMhynyGLgP+6wM8egv7186CMovUKkA+uRZWR8swBZ8ab+0dSMls37u+XcE78s/9g | gGYJSSYd6dkjvgBskSk09FEoyeQRFAU8tBbwpNeWQzDq8XPIM8Oet0q5HS6JjaIV | ab/aBqsv7xxvAGYltUJmWfE41Mjmq+XjWbxD/3gzk+6FRKcY2gnzJadlTTIqJHNe | h6kY3NL+OFOfQB15yeHFBr8sqDXoBqZBSHz64HBVuVdxAoPqCTj68tk33Qswi0tc | ZzeCTquxIiC8puxRBn8nKPGQDipbLrrd |_-----END CERTIFICATE----- | rdp-ntlm-info: | Target_Name: NYOMA | NetBIOS_Domain_Name: NYOMA | NetBIOS_Computer_Name: DC01 | DNS_Domain_Name: nyoma.local | DNS_Computer_Name: DC01.nyoma.local | DNS_Tree_Name: nyoma.local | Product_Version: 10.0.17763 |_ System_Time: 2026-04-10T08:49:19+00:00 |_ssl-date: 2026-04-10T08:49:59+00:00; 0s from scanner time. 5985/tcp open http syn-ack ttl 128 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) |_http-title: Not Found |_http-server-header: Microsoft-HTTPAPI/2.0 9389/tcp open mc-nmf syn-ack ttl 128 .NET Message Framing 49668/tcp open msrpc syn-ack ttl 128 Microsoft Windows RPC 49670/tcp open msrpc syn-ack ttl 128 Microsoft Windows RPC 49671/tcp open ncacn_http syn-ack ttl 128 Microsoft Windows RPC over HTTP 1.0 49673/tcp open msrpc syn-ack ttl 128 Microsoft Windows RPC 49674/tcp open msrpc syn-ack ttl 128 Microsoft Windows RPC 49684/tcp open msrpc syn-ack ttl 128 Microsoft Windows RPC 50092/tcp open msrpc syn-ack ttl 128 Microsoft Windows RPC MAC Address: 00:0C:29:7C:BC:93 (VMware) Service Info: Host: DC01; OS: Windows; CPE: cpe:/o:microsoft:windows Host script results: | smb2-security-mode: | 3:1:1: |_ Message signing enabled and required | nbstat: NetBIOS name: DC01, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:7c:bc:93 (VMware) | Names: | DC01<20> Flags: <unique><active> | NYOMA<1c> Flags: <group><active> | DC01<00> Flags: <unique><active> | NYOMA<00> Flags: <group><active> | NYOMA<1b> Flags: <unique><active> | Statistics: | 00:0c:29:7c:bc:93:00:00:00:00:00:00:00:00:00:00:00 | 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 |_ 00:00:00:00:00:00:00:00:00:00:00:00:00:00 | smb2-time: | date: 2026-04-10T08:49:19 |_ start_date: N/A |_clock-skew: mean: 0s, deviation: 0s, median: 0s | p2p-conficker: | Checking for Conficker.C or higher... | Check 1 (port 41481/tcp): CLEAN (Timeout) | Check 2 (port 46587/tcp): CLEAN (Timeout) | Check 3 (port 53334/udp): CLEAN (Timeout) | Check 4 (port 64454/udp): CLEAN (Timeout) |_ 0/4 checks are positive: Host is CLEAN or ports are blocked NSE: Script Post-scanning. NSE: Starting runlevel 1 (of 3) scan. Initiating NSE at 10:49 Completed NSE at 10:49, 0.00s elapsed NSE: Starting runlevel 2 (of 3) scan. Initiating NSE at 10:49 Completed NSE at 10:49, 0.00s elapsed NSE: Starting runlevel 3 (of 3) scan. Initiating NSE at 10:49 Completed NSE at 10:49, 0.00s elapsed Read data files from: /usr/share/nmap Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 195.90 seconds Raw packets sent: 131125 (5.769MB) | Rcvd: 97 (4.252KB)
https://redops-academy.coursestack.com/dashboard