Took the Security Specialty Exam yesterday but Failed with score 730 (need 750 to pass)

I already have 6 AWS certifications but failed the 7th, and I am really disappointed about the failure, especially since I changed the answers to 3 questions at the last moment…

Some exam experiences you may need to pay attention to besides the knowledge covered by the videos:

1. Athena can appear in questions or answer options many, many times. You need to know which service will store something (e.g. logs) in S3 and what the advantage of using Athena is compared to some other places, e.g. the console.

2. X-Ray, Macie, GuardDuty and QuickSight can appear in the options, so you may need to know the scenarios for them.

3. There are many questions related to CloudWatch, CloudTrail and Config. I think the videos are almost enough to answer these questions, but you'd better have hands-on experience with CloudTrail configuration because some questions go into detail, e.g. some "exception" situations in the S3 bucket/prefix config.

4. You must know the SES endpoint URL and port for one question.

5. You must know in which region to generate the ACM certificate to be used by CloudFront, or else you will be very confused by one question.

6. Deep understanding of CloudFront signed URLs vs cookies. You will have one question where you choose between them.

7. DNS-related stuff in VPC for one question: which actions need to be done to use a customer DNS server instead of the AWS-provided DNS server.

8. There are at least 3 questions related to KMS grants, so be really prepared on that after you gain knowledge of KMS policy.

9. At least 3 questions on Cognito. Understand how it works with IAM, other IdPs, etc. You will see User Pool, Group, Sync Trigger, etc.

10. How to get IP packet related logs in VPC, and maybe ELB as well (you need to know multiple ways)

11. How to reduce the attack surface area of containers (you need to know multiple ways)

12. Know IAM/S3/KMS policy really well, especially NotPrincipal and a few possible Conditions for MFA, Glacier, KMS, etc.

13. Glacier Vault Lock Policy.

14. There are a few places related to "host-based" that made me a bit confused, e.g. monitoring some network traffic on EC2, or applying some security stuff on EC2 (maybe a similar scenario, as I can't remember clearly on this point).

15. Kinesis & Elasticsearch. You will see them in one question, and you just need to know the key benefits of these services.

Of course you first need to understand every point in the videos, then take a look at my tips above to answer some questions that the videos don't cover.

I am going to retake it two weeks from now and try to pass, and I will share again if I have any new findings.


@Xibing Tough luck! I am planning to write the test next week, and I will definitely read up on your tips. I wanted to know if you have taken any of the Whizlabs or any other practice tests. If so, how close were they to the actual test? Good luck for the next try!

Xibing Liang

Hey @Hepumop Thank you. I didn't take any practice tests, but I have used AWS daily for years. I think that by studying the A Cloud Guru videos and having some hands-on practice with the tips/services I mentioned, you can most likely pass the exam :-).

Scott Stanford

I think we took the same test; mine was very similar. Also, Lambda@Edge was something that kept coming up. Hard test, lots around ELBs. My luck went the other way, just waiting to get my score. I found the Security Pillars and Security Best Practices were very helpful.


Thanks for your feedback from the exam, even though you didn't pass. I think with some study you can make it the second time, especially with 6 certifications. I think the ACG videos are not enough for this exam without more practice and attempting more practice exams. They help you to think sometimes and also prepare yourself for the unexpected, because I think this course has bigger coverage and includes the latest services, making it difficult because most of the other certifications are usually a year or two behind.

