Hey InfoSec Community!

I recently passed the AWS Security Specialty Exam, and I thought that sharing my path to a successful attempt would be worthwhile. While this test is very rigorous and tricky, I hope to point you in the right direction for courses and study material.

Background

I am a graduate of Georgia State University with a BBA in Computer Information Systems and currently a Master of Science Degree Candidate at Kennesaw State University for Cybersecurity. I now hold three certifications: CySA+, AWS Solution Architect Associate, AWS Security Specialty. I have been on the AWS platform for close to 2 years now. I currently work as a Cloud Security Engineer here at ByteChek.

How I prepared

Previously, I depended on Linux Academy (now a subsidiary of A Cloud Guru) for AWS and CompTIA courses, and I feel it has been the foundation of my successful attempts with previous exams. So I would certainly recommend using this platform and the course available to help lay the foundational parts of the exam in an easy-to-understand format. As a college student, I try to simulate the style of teaching I receive on-campus anytime I’m looking to prepare for a certification exam. A Cloud Guru delivers the course broken down into 9 chapters that include short 8-10-minute slide deck videos and corresponding labs. The labs cover all of the important parts of this exam (KMS, Cloudwatch, IAM, etc.). In addition to the labs, you also can use flashcards created by study groups or create your own based on the course material. Making flashcards helped me remember the multitude of services that are covered in the exam.

In addition to using the course provided by A Cloud Guru, it is essential to take a deep dive into the reading material available from AWS. In the Cloud Guru course, the instructor stresses the importance of reading the Security Pillar and KMS Best Practices white papers. The Security Pillar whitepaper teaches the best practices for building architectures that protect data and systems, control access, and how to respond automatically to security events. The KMS Best Practices whitepaper provides details on how an organization should use AWS KMS to protect sensitive information across several different use cases and the means of measuring progress for Incident Response, IAM, Detective Controls, Infrastructure Security, and Data Protection. In my opinion, KMS makes up a good majority of this test. Knowing KMS inside and out and how to implement the best practices within particular scenarios will prove to be important as you tackle the three-hour exam. Having a good understanding of KMS can get you 8-10 points.

Whitepapers

KMS Best Practices

Security Pillar - Well-Architected Framework

Workshops

I also took advantage of the workshops AWS has available to us. The following workshops allowed me to get my hands dirty and truly apply the knowledge that I gathered from the 20-hour course provided by A Cloud Guru.

Integration, Prioritization, and Response with AWS Security Hub

Scenario - Protecting Workloads on AWS from the Instance to the Edge

Build a Vulnerability Management Program Using AWS for AWS

Practice Exams

After doing some research on practice exams, I decided to use Whizlabs Practice Exams. I got 4 practice exams which totaled 260 questions. In addition to the practice exams, I received a sectional test that broke the questions into their respective topic. this allowed me to work on my weaknesses more effectively before taking the exam.

Whizlabs.com AWS Security Specialty Practice Exam Package (4)

Summary

Passing this certification exam will take time and plenty of hands-on lab experience. I spent about 2 and a half months preparing for this exam, and I certainly recommend you dedicate the same amount of time by repeatedly taking your practice exams, reviewing notes, attempting labs multiple times, and creating new lab scenarios to test out services and their abilities.

Make sure your well-rested and relaxed, and trust that your preparation will allow you to successfully pass this exam. Best of Luck!

Did this answer your question?