Just sat for the Certified Security Specialty exam and failed. Below is a general breakdown of the questions:
*Active Directory: 8-9 questions (lots concerning mapping AD attributes to AWS permissions)
*AWS Organizations: 5-6 questions
*DynamoDB: 3-4 questions (mostly concerning storing encrypted data; what keys to use; how to encrypt/decrypt)
*Kinesis: 2-3 questions (mostly around where to dump to after being analyzed)
*Cognito: 2-3 questions
*GuardDuty: Only got 1 question
I had some references to Athena in 5-6 questions but nothing too pointed. No mention of Macie, QuickSight, or Shield (which I thought was weird). Very little CloudFront, maybe 2-3 questions mentioned it at all. Very little AWS WAF, maybe 2-3. The rest were CloudTrail/CloudWatch/AWS Config and how they work together and with Lambda/API gateway. There was an interesting bit where sometimes the "L" in CloudWatch Logs was capitalized and sometimes it wasn’t. It was hard to decipher if that was a significant detail or not (threw me off pretty good).
Will likely sit for it again in a month or so. Any tips other folks have would be greatly appreciated. I definitely look forward to seeing some updated materials for the course, as there is a ton missing. (But still lots of love, Ryan!)
And sorry to hear that you didn’t pass this time, Joshua, it is a really challenging exam but hopefully with a bit of targeted study you will nail it next time!
Just to let you know that we have begun updating the course for 2019, based on student feedback. I have added a section today (Chapter 9 – Updates For 2019) which I will continue to build out over the next few weeks to include any gaps in the course.
I have also added a lecture covering additional resources and grouping together all the best White Papers and re:Invent videos to watch.
If you have anything to contribute, please do let me know!