Passed the exam last week.
So here is my recap:
Duration: 170 mins, Questions: 65. Time is nonissue – I had plenty to spare
Degree of difficulty: Medium. I have successfully given few other – this was easier, or maybe I have learnt the tricks.
This is a specialty exam so it is 2nd/3rd level down, so almost nothing is definitional. What do you have to do, and How do you exactly do that – configure, trouble shoot, and this is security so – all aspects of security – permissions. And it is a AWS exam so in addition to depth – there is always some breadth- be prepared, else if depth does not get you breadth will. On the other hand, breath can often compensate for lack of specific depth and come to the rescue.
I have read here by several – it is all about KMS. I would disagree, KMS is important part of the exam but far from the biggest.
My Prep: Couple of weeks, I do everything the hard way- No courses. I used AWS Documentation and some videos. AWS docs are super excellent, if you are not hands-on or have not used some of these services – videos can bridge the gap quite well. White Papers- No, they are mostly high level – the exam is detail level – so WP don’t help(IMHO)
No question banks– I think no good ones exist. I used the AWS practice exam – nothing great but I would still say it is worth the $40.
Here is how I would rank stuff:
I&AM: Be totally clear about all aspects of I&AM –Syntax, Policies- user based, resources based, Roles, external accts, etc etc. S3 bucket ACLs, policies and restrictions that can be setup. Total clarity in I&AM – without this it would be impossible to pass exam.
Logs: All types of logs- Cloud Watch, Cloud Trail, VPC flow logs, etc- know the differences clearly. Cloud Watch(CW) is of course the biggest- be clear on CW events, metrics, log agent setup. And of course setup- enabling, permissions, trouble shooting. Log viewing/analysis – Athena, EMR, Lambda, etc
KMS: (I am ranking this 3rd) Types of keys, how do use them, Key policies; key rotation for each type of key. How specific services use keys, and once again permissions for using keys.
Inspector/Guard Duty/Advisor/Config: Know the differences- there is good amount of overlap between all these- and it can be somewhat confusing. An of course how do you enable them, and use them with CW events etc.
CloudWatch– OAI etc.
SSO/Federation/Cognito – how do you exactly setup, and permissions (roles)
Networking: SG, NACL, VPCE – few Qs on these – easy ones.
WAF, DDoS: A couple of questions on this – sort of easy ones
Congrats on passing and thanks for the write up!
Congrats! And thanks for the write up, I’m going for this one next.