Self-Study Resources for AWS Certified Security Specialty Exam

This is a quick blog post about how I self-studied for, and passed, the AWS Certified Security – Specialty exam in less than three months. Hopefully these resources will lead you to pass as well!

As for background, I’ve been working in AWS for about 4-5 years now in a security setting, mostly working with VPCs and everything inside them. I’ve passed the AWS Certified Solutions Architect – Professional exam so that was good background for this exam, although I think the Associate would probably be good enough as well.

First things first: book the exam! Even 3 months out – that way you get an optimal time to do it (I usually try to time the exam for the same time as I study, psychological studies have shown you do better if you take exams in the same environment you study in). I took my exam virtually with Pearson – make sure you clean up your desk before the exam as well, and uninstall Chrome/TeamViewer remote desktop beforehand if you have it, because that stuff will keep trying to launch during the exam.

Acloud.guru Course + Practice Exam

The first (and main) resource I used to study was the course in acloud.guru. They had a merger with Linux Academy so it was pretty much a no-brainer. Really good content, all practice exams and quizzes had really good explanations for why a question had a certain answer, etc. Also, my company gave me access for free since they had a subscription to Linux Academy so it was a win-win. Took the entire course in about two months and moved on to my next source.. Udemy!

Udemy Practice Exams

Udemy had this offer for a 7-day trial subscription and since all I needed were practice exams, I fully leveraged the 7 days then cancelled it (yes.. I’m cheap lol). It was better than paying $135 for the two classes I needed though:

I took the chapter quizzes, then the final practice exams in the Zeal course. I then moved on to the quizzes and final practice exam in the Chandra course. These two were honestly quite similar, I would say Chandra’s was a bit better at explaining things you did wrong in the practice exam but both had typos, wrong answers, things like that. Do your own research for the questions you got wrong and understand why you got them wrong, but in the end practice exams are a great way to test your knowledge and fill in what’s missing.

Some things I thought were really useful to learn in these two courses included:

  • How to set up end-to-end encryption with custom certs on EC2 instances, load balancers, and CloudFront.
  • How to validate MFA using the CLI.
  • What SSM Agent is and what it’s used for.
  • Details about flow logs and how to change them.

As for other general tips.. I would say:

  • Know GuardDuty in detail, especially IP whitelists and how to set them up.
  • Learn how to write an organizational SCP (do you need Allows or Denies in the policy?).
  • Know the difference between Trusted Advisor, AWS Config, and AWS Inspector.

Other Resources

Otherwise, here are my notes from the class along with what I learned from the quizzes. Good luck!

https://zineausa.com/blog/wp-content/uploads/2021/11/notes_from_course_aws_security_speciality.txt

https://zineausa.com/blog/wp-content/uploads/2021/11/quiz_learnings_aws_security_speciality.txt

Need more practice exams? I have used Jon Bonso for my AWS Certified Solutions Architect Associate and Professional exams, they are always on point and he does have them for the AWS Security Specialty exam.. would recommend those as well. https://portal.tutorialsdojo.com/courses/aws-certified-security-specialty-practice-exams/
