Certified Security - Specialty

Sign Up Free or Log In to participate!

Passed the Security Specialist Exam (re:invent 2018)

Passed yesterday with a 895/1000.

Shout out to the folks who posted here in the last few months with tips, this was

definitely appreciated and agree with the less popular posts that ACG really has to

own updating content, even if it’s just a addendum video.

This post is to help pay it forward for folks testing in the upcoming few months.

(I’m guessing AWS will likely do a fairly significant version update mid Q1 of 2019)


I prepared with ACG, as well as bought the Whizlabs. I agree with other posts

that the reinvent 2017 videos on IAM and KMS, Security are excellent and definitely

yes to blog posts. Some answers to the questions can literally be answered by reading these.

One resource I don’t think is mentioned ENOUGH is simply the AWS Developer Guide.

Yes it can be a bit tedious to read through this but if there’s any realy single point

of truth for an answer it lies here. Ensure you read the ‘Security’ section, the FAQ/Troubleshooting

as well as any footnotes that say "IMPORTANT". Whitepapers weren’t really that valuable to me as they

seemed a bit heavy and unnecessarily deep for me.

Topics wise you MUST have strong knowledge of


IAM / Organizations


Cloudwatch / Cloudtrail / AWS Config

VPC Infrastructure Security / Incident Response

If you don’t understand aspects of the above. Go lab up and read up.

Also needed

Cloudfront / WAF




Glacier Vault Lock

You’d be smart to also know the functions for Lambda@Edge and basics for Macie.

CloudHSM is almost been retired. I think I talked to 4 other people who took the exam and out of all of us, only

1 person got a question on cloudHSM.



  • Read the question, then reread the question, read the answers, read the question again.

I can’t stress how important this is. The Whizlabs give you the style of the question although the scenarios are a bit easier in the Whizlabs. AWS produces conditions in their questions that your answer MUST satisfy. If you read it, you’ll generally be able to narrow the valid answers to 2 or 1 possibilities right away. If they say ‘cost effective’ the answer is very likely NOT going to be the one involving spinning up RDS databases or an ASG with instances. fs they say ‘most secure’, then you can eliminate things that aren’t using things like encryption/authentication. You get the picture.

You have lots of time, although I only had about 40 minutes left. Take breaks, rest your eyes, drink water. Don’t gloss over anything. Flag it for follow up and come back if you’re on the fence

Overall I probably overprepared a bit, but I thought in general it was kinda fair. There were a few questions (which I gave feedback on) that I swear were bits of nasty broken English and answers that were just vague and kinda gros, but there were probably only 2 or 3 like this. Some of them were actually very clear and concise.

ACG will be updating their content in the new year, but from certification experience in many fields, don’t rely on a single source (unless you’re gonna read ALL the developer guides) for knowledge. 

Best of luck!

Prabhat Krishna

I passed the exam today.. waiting for marks.. my experience is same.

2 Answers

Congratulations and thanks for the write up.  I’m about to start studying for this one so any info is really helpful.

Marty Chong

Based on the announcements at re:invent I don’t think there will be a ton of core curriculum changes. Looks like KMS Custom key store is the only thing in GA, but I’d suspect Security Hub and Control Tower to be on it soon. Likely more content on organizations as that develops. ref: https://aws.amazon.com/new/reinvent/

Hi All,

just to let you know that we have begun updating the course for 2019, based on feedback from everyone. I have added a section today (Chapter 9 – Updates For 2019) which I will continue to build out over the next few weeks to include any gaps in the course.

I have also added a lecture covering additional resources and grouping together all the best White Papers and re:Invent videos to watch.

If you have anything to contribute, please do let me know!



Jorge Rodriguez

Thank you Faye! I am scheduled to take the exam Friday, the new lectures are very helpful and I have been using the resources there to fill in gaps.

George Cotlet

Hey Rodriguez, could you share some feedback? thx

Faye Ellis

Great Jorge! Please do let us know how you did in the exam!

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?