I wrote and passed the AWS Certified Security Specialty exam 9/17/19.
I have to say, this was one of the most grueling exams I’ve ever written. I made 82%, but, until I saw the results, I thought I had failed. In fact, halfway through this exam, I actually thought about quitting… and that’s the first time I’ve ever experienced that level of demoralization in an exam :-). I had read another post here in which the candidate had said the same thing… they thought they had failed until they got the results, so don’t quit.
Preparation Advice: Everything taught in this course is relevant and applicable. It’s a great foundation, but as Ryan notes, it’s not enough and when he says "You will be tested" he is not kidding.
Read the white papers and read the scenarios in the security blog!!! Take every practice quiz until you are in the mid 90’s. I took two weeks after I had completed the course, and did ACG and Whizlabs practice exams over and over until I was making high 80’s or above.
Read the explanations for every answer right or wrong. Knowing why you got them right is just as important as why you got them wrong.
There are so many overlapping services and solutions that AWS will blur the lines between them in the exam and you will be faced with two or three viable solutions on at least 60% of the questions.
Expect to use the full three hours allotted to write the exam. I finished around 2:15 and used the last 45 minutes to go back through as much as I could.
Along with everything that Ryan and Faye talk about, know load balancers like the back of your hand and what traffic can be passed, how to associate them, etc.
Know how to secure containers, i.e. Docker, etc. I didn’t see that in the course material, but I may have missed it.
Lambda@Edge appeared in one question.
Knowing Linux helps.
Only one or two HSM questions. And those scenarios are similar to ACG practice exams.
Know how to read CloudTrail logs.
Know how to read IAM policies upside down.
Know how to build VPCs "From memory" as Ryan notes.
The more you know about networking, VPNs, IPsec, and Security Groups, the better.
Get used to paragraph-long questions and answers. It’s reality.
Thanks ACG Team!!!! This was a really challenging exam, no way could I have passed it without taking this course.