Certified Security - Specialty


Passed my Security Specialty recert exam last weekend …

… and I want to extend my sincere gratitude yet again to the fine staff here at ACG.  I’ve always been well prepared thanks to your stellar course materials and guidance.  A big thank you to THE Cloud Guru Ryan Kroonenburg whose original Security Specialty course I used to pass the Security Specialty beta (on my first attempt no less) three years ago.  A big thank you to Faye Ellis as well for extending that material out in the time since.

A few thoughts from my exam:

As Ryan states in the course, you absolutely have to know how to resolve IAM and resource (i.e. S3 and KMS) access policies.  What’s changed on the exam from the beta is you now really have to know AWS Organizations and its policies and how they interact with individual account access policies.  I think the existing course should expand on Organizations and its emphasis and how SCPs affect accounts in OUs (and different OUs in the same Organization).

I would say that at this point there’s a 30-35% or so overlap between the Security and Advanced Networking specialty exams.  Lots of questions on CloudFront, how that works, and is configured for security.  Load balancers, service and VPC endpoints come up aplenty as well along with VPC Flow Logs (including how to customize the reported data) and Direct Connect (how to secure DX connections).  Have an idea about DX public/private VIFs as well (that surprised me, frankly) and how they differ in terms of access.

Also as Ryan says you have to know KMS back to front, including cross-account access to KMS keys and in the context of AWS Organizations.  Know the various types of KMS keys and their rotation policies.

As a general take I think the Security Specialty exam has gotten more difficult since the beta just because of the amount of material covered.  I ended up with an 875 and, while I would have liked a score in the 900s, it was far better than I scored on the beta. I was a little pressed for time given my existing cert was going to expire and couldn’t spend as much time as I would have liked reviewing.  It was a very worthwhile exercise though, and my thanks again to the ACG staff!

2 Answers

Despite the difficulty of the exam, you still passed it. You’re doing great! Congratulations, friend.

I congratulate you on passing the exam. Security is the kind of thing that will really only get harder and exams will surely only get harder. Recently, I started to understand this topic more and learned a lot of new, up-to-date information. First of all, I would like to say that today security systems have become more modern and complex, in my opinion. Perhaps there are some tutorials on how to use AJAX and other security systems, but I have not seen such articles. If someone can share, I would be very grateful.
