Took and pass the Security Specialty Exam yesterday and wanted to share my thoughts in relation to the ACloudGuru course.
Overall, the course covered all the topics needed. My exam had a HEAVY emphasis on cross account and hybrid architecture scenarios and all the access control planning and troubleshooting involved. The scenario examples in the course alone are not going to be enough unless you can deep dive into the capabilities and limitations of the options available. It felt like many of the questions were written intentionally knowing what test prep courses are teaching, because the questions that were strikingly similar to the exam simulator required additional details that were not really emphasized. Like for reimporting a CMK’s key material, you have to know the actual steps involved, unless you can memorize all the documentation and whitepapers. Not to say the course didn’t cover it, but when they say to "play around with" something, it’s very important to actually go do it so you can reinforce the steps involved and recognize the nuances. Maybe this is common sense when it comes to actually trying to learn stuff, but just a warning to those who expect to memorize the chapter summaries and be able to pass the exam. To address this, the course could use some more optional unguided lab suggestions just to give people some direction as to what to try on their own.
That said, there were a few things I encountered that weren’t explicity pointed out in the course:
- Cloudwatch logs insights (high level functionality)
- a couple questions where you had to know SSE-S3 details and how it addresses leaks and other vulnerability concerns (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html)
- KMS key policy conditions (not just kms:viaService!)
We could possibly chalk it up to there always being some "unrated" questions, but they’re always a decent sign of things to come in future versions.
Congratulations and thank you for the tips. I just started studying today and this will be helpful.
Great job, congratulations on passing!
It’s definitely a tough exam which really tests deep knowledge of the main Security features of AWS. Unlike the Associate level certs, with the Specialty and Professional level as well, you are required to do more than just memorize everything.
As you mentioned, it’s very important to get lots of hands-on experience with the labs or real world experience, play around with the services and get to know how they work, including troubleshooting when things don’t go as expected. That way you gain the experience to work out the answer, maybe even by a process of elimination as it’s just important to be able to recognise incorrect answers as to identify the correct ones!
All the best to you, thanks very much for your feedback on the course, I will make a note for future course updates!