Certified Security - Specialty

Sign Up Free or Log In to participate!

Passed Security Specialty

Good morning everyone, hope everything is well. I passed yesterday and wanted to give you guys a quick overview of what I did to prepare, and answer some common questions people usually ask me.

1.How long did you take to prepare?

a. I started studying for the exam 4 days ago, but I have hands on experience and have touch the services, troubleshooted them in the past.

2. Did you only use ACG?

b. I used ACG, read the KMS,DDOS Whitepaper and looked at two re-invent videos(at a faster speed). It wouldn’t hurt to watch the ELB videos(re-invent)or the advance networking course.

3. Did you notice anything on the exam that was not covered?

c. I did notice that the exam had roughly 2 questions regarding Lambda Edge questions.

My biggest tip for the exam is to think about security( I know this sounds weird) but before you answer a question, think about the service itself. For example in my case, I deal with serverless services on a daily basis which makes me want to pick serverless services(Lambda) anytime I take an exam.

Before providing an answer double check and ensure you aren’t going for the answer just because you’ve used another service in the past to accomplish the ask, believe it or not your brain might have bias for a certain service. This helped me in the exam for at least 2-3 questions.

In terms of the services I would spend more time on, it would include KMS, WAF, IAM, Logging! ,difference between S3 bucket policies and ACL(benefits, which one to use in certain situations) . Make sure you understand SCP’s, and you can read a simple IAM policy. In addition make sure you understand Glacier Volt lock.

I hope everyone stays safe out there, and takes the time you’re WFH to study and pass more certifications.

Thank you to the ACG team for providing quality material here. Please do add more material on Lambda Edge.


Totally agree with the bias thing. That got me a lot when I first started getting AWS certs. Do you remember how many questions were related to picking the best service for DDOS for example? Or if there were questions asking if you should use cloudwatch events vs guard duty for malicious actions?

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?