Took the Security Specialty exam on Thursday, 6/13, and passed with a 766. I finished the exam in 105 minutes, but (BUT!) marked 38 questions to review (questions where I got down to two answers that were really close). I modified 5 of the 38 questions from the original answer submitted. Reviewing the questions took the remaining time as I completed the exam with 2 minutes left. Very surprised I passed and the score confirms it.
As others have noted in this forum, the exam is tricky only because of the way the questions and answers are worded. Reading and comprehending (<– especially comprehending) the question is vital to answering correctly. Previous experience and knowledge in cybersecurity helped me throughout the exam.
As far as content goes, the posts covering content in the AWS security forum were helpful. There were more questions about Kinesis and Athena than I expected and KMS questions about service integration were sprinkled throughout. Definitely know CloudWatch and CloudTrail in depth.
For preparation, I watched the ACG course twice (thanks for the updates, Faye!) and the Linux Academy class once. I read all the whitepapers as prescribed by AWS and ACG and the IAM and KMS developer guides. I also watched the AWS re:invent videos and googled for use cases when I had questions about topic areas. Total prep time was about two months.
I’m grateful to pass, but don’t think the exam is a good test of AWS security knowledge or experience only because the questions are worded so poorly. I think there’s an opportunity for AWS to improve the test and I hope they make adjustments over the next year to better reflect a candidate’s knowledge and experience instead of their ability to comprehend tricky questions and answers.
Congratulations on the pass.
Thank you for the feedback. I have brought this to the attention of the Quiz Master, to evaluate as part of our on-going continual improvement.
Moderator & Coach
I would agree the security exam is not a good test of overall security knowledge, the test should have a section on TLS.
In the world of security TLS and OWASP, etc are core.
Congrats! I passed today (6/22/19) and it was exactly what I expected – lots of tricky questions. Knowing the difference between CloudWatch /CloudTrail/Config and ability to read policies in JSON is a must. I also had quite a few questions about encryption and troubleshooting.