Please to announce that I wrote and passed the AWS Certified Security Specialist exam yesterday. My study material was completing the Security Specialist course on ACG, the Security Specialist course on Linux Academy. I highly recommend going through the Practice Exams offered on ACG as many times as you can and really dig into the reasons why the answers are correct. That will force you to dig a bit deeper into how these AWS services function in reality as opposed to just theory. Having said that, make sure you go through and practice how to implement many of these services as the exam had some questions about how to configure things such as WAF, or how to configure the JSON on IAM or KMS or even how to implement GuardDuty. Some of the exam topics that stand out to me are:
WAF – How to configure it
VPN and Direct Connect – How to configure it
EBS encryption
CloudFront
Secrets Manager
Systems Manager
S3
KMS
SSL
IAM
Application Load Balancers and Encryption
Troubleshooting AWS Config
Troubleshooting Lambda
Troubleshooting Secure Network
Troubleshooting Access to CMKs in KMS
AWS & WAF
Security Hub
DDoS
Permission Boundaries
Service Control Policies
Good Luck to all.