I had flagged more than 10 questions and completed everything by 2 hours.
Questions from Topics which I encountered during the exam:
1. Troubleshooting CloudWatch (Agent, configuration, permissions), lambda, SSM parameter permission issue
2. CloudTrail vs Cloudtrail via Athena (Forensic Investigation- Question mentioned 90 days)
3. KMS, IAM & SCP policy and what they intend via that example. They also had stated requirement and asked what condition & action can we use to fulfil that requirements.
4. Questions were directly picked from KMS Best practice & security best practice whitepapers with same wordings.
5. 2 Questions from Directory service, federation and one straight worded Cognito question.
6. Single question from each Macie, Guard duty & Trusted Advisor
7. Single question from secrets manager & parameter store
Contents from CloudGuru would help you start but I would say read the complete documentation on KMS and IAM. Read developers guide.
They had some really good troubleshooting questions and real-world scenario questions. It tests your understanding of general security troubleshooting & AWS hands-on experience. Do practice a lot.
Hardly 4-5 questions from exam simulator here. However, it should not deter you to take a few tests here to build your approach of taking the exam. Do practice here but don’t buy any practice tests online.
Take Exam Readiness: AWS Certified Security – Specialty course & AWS Practice tests by AWS.
- https://github.com/JuiceTheJiraffe/Jacob-Johnson/tree/master/Notes/AWS-Security-Cert-Study-Material
2. CloudGuru Videos & discussion forums
3. Official Documentation, Developer’s guide, Whitepapers & Hand-on practice
Watch ACG videos, Read docs, whitepapers, developer’s guide, practice and repeat
Thanks for the link to the Jacob-Johnson material. That stuff looks interesting! Pretty large summary!
congrats!
Thank you @Martin & @Whizkid