Published on November 16, 2020
Hey everyone! I wanted to give a brief recap of what I did to prepare for the AWS Certified Security Specialty exam and an overview of my exam experience in case it helps anyone else. I took the exam on June 29th 2020 and passed with an 863, so you can probably do more than what I did to get a higher score :)
Well, there is certainly a lot of information out there and resources claiming that they are all you need to pass this exam. So, why not use as much as possible? I studied for over a year on and off because, you know, life happens (this timespan even included my wedding). I took both the Linux Academy and Udemy AWS Certified Security - Specialty courses. The Linux Academy course I took has been deprecated, but it looks like they already have a new one to take its place. The Udemy course material was closer to what was on the exam, yet they both had great material and different benefits. Linux Academy did a better job of having hands-on labs that you could take throughout the lessons, which help tie the theory back to real-world experience. Each of these platforms also had practice exams that you should utilize if you are going to invest the time and money into taking the course. These questions can be similar to what was on the exam or not even close, depending on the platform and the question, so take them with a grain of salt. Overall, I highly recommend taking at least one course (preferably two) from one of these major platforms: A Cloud Guru (owns Linux Academy now), Udemy, the official AWS Security Engineering on AWS course, or any others. I also sat through the Security Engineering on AWS course that was taught by an instructor from AWS, but I didn’t find it as helpful as the other two that I took. It was more geared towards questions and answers that were based on our specific infrastructure at our organization.
I used quite a few different resources for studying the material outside of the major platforms as well. AWS does a great job documenting all of the different services and they also provide examples on how configurations need to look. AWS documentation can be found here. Referring to this documentation to answer any questions and brush up on areas where you don’t understand fully is highly recommended. Davis Ford provided some tips for me as well via his blog. There are many other blogs out there that provide information on what topics they encountered on the exam, so be sure to do your research as well. I mean it’s the internet - there is an ocean of information out there to be studied! But remember you can only study so much and once you feel comfortable you should schedule your exam. I want to emphasize that you should not stress about trying to study everything available or trying to become an expert on all of the major services.
Once I felt like I had a good understanding of most of the security aspects of AWS, I purchased the Whizlabs practice tests. These are helpful in gauging what services/topics you might need to study more or interact with more in the labs. Even though these questions are related to securing AWS, the questions on the exam itself can be completely different.
As far as the exam experience itself, I feel like I had a much different experience when compared to the experiences I was reading from others online. It seems like most people took the full 170 minutes to complete the exam. I only took an hour and 20 minutes at most. I also do not save questions that I am unsure of to review later, so that could have been why I didn’t need as much time. I took my exam via the online proctor (COVID-19 was happening during this), and it was weird to have to stare at my computer screen the whole time and to have to show my office to the proctor. I am a very nervous test-taker, so that and the speed with which I finished the exam both factored into me not really remembering the exact coverage of each topic for my exam. However, I do agree with all of the blogs and study guides I have seen for the amount of each topic you will see. The big ones are KMS, IAM, incident response, securing EC2 via security groups and NACLs, CloudWatch, and securing S3.
Overall, the process of studying for this exam was really fun and you learn A LOT of information about AWS! I highly recommend this certification if you are looking into moving to a DevSecOps, cloud security engineering, or cloud architect role among many others. Please feel free to reach out to me with any comments or questions regarding this post, AWS, or this certification! I would also appreciate a share of this post/blog if possible in case it can help even just one person :)
Don’t Get Stung,
-Security Sting