Certified Security - Specialty

Sign Up Free or Log In to participate!

Passed Security Cert today

I passed the security certification this morning and I’m trying to remember as much as I can…

I felt there were a few areas not covered by the course yet that it would be worth doing some more reading/revision before you attempt the exam:

But the big one for me was understanding master vs data keys, I didn’t feel as well prepared for these questions and there were a few.

I had a number of questions around

  • Resolving issues that affect logging, including IAM policies, VPC peering, VPC networking

  • How to process, search and store logs, typically looking for Kinesis and ElasticSearch

  • Certificates, cloudfront and load balancers

  • Forensics

  • What resource types can you attach policies vs relying on an iam policy

  • Cross account roles

Thanks Ryan for a great course.



And a few easy questions on systems manager and the run command. too


Thanks, Half way in the course. would definitely read all these post and refer to the reference before my exam


You are awesome – thank you


Congratulations, and thank you Chatz

Josh Gubler

I was also surprised by Glacier Vault Lock and SSM Patch Manager. Lesson learned: read through the discussions to see what others are experiencing before you take the exam.

4 Answers

Congratulations on the new certification  🙂

Thank you for the feedback I have made sure that it get s to Ryan.


I passed my exam today. I had similar topics same as Chatz. Though, I had only one question os SES endpoint. There were 2 or 3 questions on Forensics.  There were couple of questions related to kinesis and elasticsearch, 

Best preparation would be going through the course and everything mentioned by Chatz. Also, I suggest to do a deeper dive in KMS and how different services uses KMS. 

For container security (yes, I had a question on it and really grateful for Chatz input), see the first 30 min of the following video:
https://www.youtube.com/watch?v=Ofu22X7qHnc&t=1736s (AWS re:Invent 2017: Architecting Container Infrastructure for Security and Complianc (CON406))


Well done Ahmed

Also passed my exam 2 weeks ago.

Want also share what I got. I have to say this Certified Security – Specialty exam is quite broad.

Thanks to my general knowledge I passed, the Whizlabs practice exam didn’t help so much.

1.) KMS is key, you really have to know it. (Grant stuff a lot)

2.) I had 3 Active Directory questions (e.g. AD in VPC)

3.) Glacier Vault Lock I had too. I didn’t read this post before, so I was surprised and know I got that answer wrong (initiate-vault-lock)

4.) I had 3 WAF/Cloudwatch questions. e.g. What log files and data drive WAF rules.

5.) Some special IAM questions which covered the credential report

6.) All the normal stuff as above and expected

So watch the videos, but so far I would say it only covers 75%, or did you see Glacier Vault Lock mentioned 😉

Has anyone written the AWS Certified Security Specialty using this book or video from Udemy in addition to ACG? 

AWS Certified Security – Specialty: Study Guide: Covers exam objectives, review questions and exam preparation quizzes –  Zeal Vora

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?