I’m about to take the security specialty exam (June), and I’m wondering how closely the material in the videos correlates with what is on the exam (since it is mentioned that it is based off the old one). I was hoping someone who has taken the new exam can advise me on which categories I will need to supplement, and what resources/topics I should focus most heavily on before going to take the exam. Is there anything that caught you off guard with the new exam? Anything you wish you had reviewed an extra time?
I took it 4/27 and missed it by 7 questions. I did see some topics on there that were not covered in ACG course, namely:
DynamoDB encryption in-transit and at rest,
Cognito Mobile App Web Identity Federation: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_cognito.html
Glacier policy troubleshooting: https://docs.aws.amazon.com/amazonglacier/latest/dev/vault-lock-policy.html
Encryption of Kinesis streams
One question came up that I am having a hard time finding an answer for (although I believe I answered it correctly) was the process for salvaging encrypted data where the imported key material had been compromised. There was a lot on KMS, incident response, bucket policies, CloudWatch Logs, Config, Trusted Advisor, Shield, WAF and ELB, VPC’s and Bastion hosts, and Lambda. Know which services can trigger a Lambda for remediation. I am re-taking it this week.
A good resource to consult:
I got a question on SES, AWS Simple Email Service on this exam. That threw me off!
Passed on Friday, May, 11. Exam is quite difficult, bunch of questions related to IAM & KMS, a lot of them overlapped (like access control for CMKs and KMS operations). Some important updates on logging and monitoring: you need to know how to copy/move OS and App logs to Cloud Watch, understand how you can implement real-time logs analysis using AWS tools. One more important topic to know: how to copy/move safely encrypted data between AWS regions. General knowledge about security compliance, penetration testing rules, security incident response are also required (but not very detailed or deep).
Course currently covers approximately 70-75% of possible questions. By my opinion, from my experience.
I can unequivocally tell you that this course only scratches the surface. Does it help prepare you for the exam? Yes, but to pass the exam you will have to go much deeper. This course doesn’t go nearly deep enough, which is fine. It fulfills its stated purpose, which is to teach the concepts.