Recently I passed the AWS Certified Security Specialty exam. It was a really challenging exam, and I really recommend doing the AWS Certified SAA and AWS Certified SysOps Administrator first, before any of the Specialty/Pro certifications.
PS: My intention is not to share any questions or reveal anything that would breach the NDA with AWS.
I WANNA SEE MY WHOLE TEAM WINNING.
I always love to share knowledge. Let me tell you a little bit about my background: I have been using AWS since 2014 (to be honest, I answered 40 questions very easily from past experience). But it still took me 3 weeks to get ready for the exam, and I really enjoyed it. Never underestimate the exam or be overconfident about it. I am a huge AWS fanboy!!
Materials used for study
- Adrian Cantrill's Linux Academy course (it is not fully up to date, and I'll add more information below on the other areas to cover, but there is no better course than this one)
- Jon Bonso’s new AWS Certified Security Specialty exam prep (wow, that one is really great, and tougher than the real exam, which makes you understand the concepts)
- FREE AWS Certified Security Specialty Practice Exams 2020 (Tutorials Dojo) : https://portal.tutorialsdojo.com/courses/free-aws-certified-security-specialty-practice-exams-sampler/
- AWS Certified Security — Specialty Practice Exams 2020 (Tutorials Dojo) : https://portal.tutorialsdojo.com/courses/aws-certified-security-specialty-practice-exams/
- Special thanks to my friend Pathum Joseph, who is a security engineer
- AWS whitepapers and more AWS training resources (links below)
First go through this and plan well: https://tutorialsdojo.com/aws-certified-security-specialty-exam-study-path/
Jon Bonso’s cheat sheet: https://tutorialsdojo.com/aws-cheat-sheets-security-identity-services/
This e-learning course is free from AWS and really useful: “Exam Readiness: AWS Certified Security — Specialty”: https://www.aws.training/Details/eLearning?id=34786
Main tips and things that are not in the courses:
- Master the KMS service and how to use it with other AWS resources.
- Learn a bit about using the KMS SDK with other services; at the end of this I'll share one of my daily uses of it.
https://docs.aws.amazon.com/kms/latest/developerguide/service-integration.html
https://docs.aws.amazon.com/kms/latest/developerguide/services-ebs.html
https://docs.aws.amazon.com/kms/latest/developerguide/services-dynamodb.html
https://docs.aws.amazon.com/kms/latest/developerguide/services-rds.html
https://docs.aws.amazon.com/kms/latest/developerguide/services-s3.html
- AWS Secrets Manager usage and the main differences between Secrets Manager and SSM Parameter Store.
- AWS GuardDuty is really important; understand how to automate using AWS GuardDuty.
- What you can monitor using VPC Flow Logs and what you can't.
- All the policy documents (IAM, S3, KMS…). THESE ARE REALLY IMPORTANT.
- Read all the NACL and SG related questions well; sometimes you have to choose the most suitable one.
- Know AWS Organizations, OUs and how to use Service Control Policies to control child organizations, restricting the root access.
- For all the practicals I created an AWS Organization with SCP and roles.
- VPC endpoints
- AWS Security Hub and AWS Firewall Manager
- The areas below are really interesting, and I found a good AWS Dev Day session on them. You can still watch it on demand and download the slides as well. I really recommend checking all 4 sections (there are ECS-related questions also): https://pages.awscloud.com/DevDay_Online_SecurityEdition.html
Scaling IAM permissions with Attribute based access control (ABAC)
Threat Detection and remediation in AWS
Securing Serverless Applications
Securing container workloads on AWS
- After you master all these areas, please do Jon Bonso’s practice exams. I got 70% on the first timed exam. It's really challenging, but don't worry, it's not the end of the world. For every question there is a good review with related whitepapers; go through them and understand why your answer was wrong. That really helped me for the exam.
- Don’t panic; do the easy questions faster and save time for the comprehensive questions.
- DO NOT UNDERESTIMATE OR BE OVER CONFIDENT
- I always look for the wrong answers first.
Tada, finally the satisfaction of hard work!!
If you need any help preparing for this exam, please feel free to comment or contact me; I am more than happy to help.