Passed! – AWS Security Specialty – 7th Nov 2019
Hello Gurus!
I’ve been preparing for this for almost 4 months, a little bit on and off but very committed in the last 2 months. I finished the exam with 2 or 3 minutes to spare, so there wasn’t much time to revise anything I flagged, so I just ended it. I was confident in passing though, so that was alright; however, I should have taken more care with time management, as I spent a lot of thinking time on some questions, which compromised the whole management thing.
The path I took was as follows:
ACG Security Specialty Course – Re-watched the Summaries multiple times
I write notes on paper while watching the course (call me old fashioned), I just feel it sticks better in my head
Did a lot of tries on ACG Exam Simulator till I hit 90%+; as many have mentioned in the course, the Exam Simulator is amazing as not only does it show the wrong answers, it also explains everything & provides links for it
I did the Practice exam using the free voucher from my previous CAA exam and got 80%
I’ve referred to a post by Faye for 3 Cert Quiz Exams & another 24 Question Quiz – link here
Went through most of the white papers (did not fully cover DDoS though, I will in the coming days)
Re-read KMS multiple times, checked FAQ for KMS as well, made sure to check examples mentioned there by AWS
Read FAQs for AWS Config, ELBs, WAF, CloudWatch & CloudTrail
What was in the exam?
Lots of KMS, Key Rotation, SSM Parameter store access to EC2, IAM Policies, External access to S3 buckets, AWS Config, Lambda, CloudTrail & CloudWatch, Trusted Advisor & Inspector
Make sure to understand those well, as in when to use what; sometimes two answers work but the choice is made from the question context, i.e. “easiest” way or with “Least management over-head”
Make sure to read through ADFS Trust with AWS, understand it thoroughly, double check all scenarios from AWS Documentation and make sure to let them sink in
Scenarios of On-Premises data center connection to AWS with which best approach, i.e. “VPN with Direct Connect”; actually I recall a question that combined both AD Trust for Company users & a secure VPN tunnel
Encryption questions like “the user got an error while trying to access those files which are encrypted using KMS on the S3 Bucket” the IAM policy is shown & you are asked to select what should be changed to fix the problem
What to choose for DDoS mitigation? Shield? WAF? GuardDuty? I vaguely recall it, but a question or two on this came up
Also a question came on CloudFront, Custom SSL Certs & OAI
All in all it was a nice journey, I hope this would be helpful for others soon to take the exam
CAP here I come 😊
1 Answers

Congratulations Azeez! Well done.
Which whitepapers did you find helpful, and did you refer to any re:Invent videos as well?
Hi Mprasoon, thank you! I read & re-read KMS & AWS Security Best Practices, a little bit of reading in cryptography as well. As mentioned in the post, I also covered FAQs for KMS KMS KMS, AWS Config, CloudTrail, CloudWatch, Trusted Advisor & Inspector. I did not watch re:Invent videos.
Nice tips, thank you! Congratulations and good luck on the next exam.
Thanks Karen! You’re welcome and good luck to you too.