17 May 2022

How I Passed the AWS Certified Security - Specialty Exam

Tips and recommended materials used to pass the exam.

Mario Lunato
Mario Lunato Senior Security Engineer LinkedIn

With two of the hottest trends in the cyber world being Cloud and Security, the AWS Certified Security - Specialty exam is a great way to expand your knowledge into both areas. This exam validates expertise in securing data and workloads with the security-specific tools provided by AWS Cloud. If you work in the security realm, then taking your security knowledge and applying it to the cloud is a logical next step in expanding your expertise. This is now the fifth professional certification that I have taken over my 7-year career in the IT industry. The list of the exams I have taken now includes AWS Certified Security - Specialty, AWS Solutions Architect Associate, AWS Certified Cloud Practitioner, Security+ and A+.

The Exam

The AWS Certified Security - Specialty is a 65-question exam in which you are given 170 minutes to complete. This is different from the Associate exams, which give you 130 minutes to complete. With 170 minutes you can spend 2.5 minutes on each question and have time left over to review any questions you may have flagged while taking the exam. The extra time is necessary as the questions are generally more complex and, in my opinion, more difficult than the questions on the associate exams. The exam is broken down into five domains: Incident Response, Logging and Monitoring, Infrastructure Security, Identity and Access Management, and Data Protection. The following chart lists out the domains and what percentage of the questions on the exam each one accounts for.

The Domains on the AWS Security Specialty

Details on Each Domain

AWS lists out the specifics for each of the 5 domains that the exam is going to cover in the AWS exam guide. The exam guide goes into more of the specific details on what topics to focus on in order to prepare yourself for the exam. AWS even provides a list of services and features that are out-of-scope for this particular test. It is recommended to read through the exam guide at least one time prior to taking your certification test. Below are the details that fall within each domain as listed in the guide:

Incident Response

  • Given an AWS abuse notice, evaluate the suspected compromised instance or exposed access keys.
  • Verify that the Incident Response plan includes relevant AWS services.
  • Evaluate the configuration of automated alerting, and execute possible remediation of security-related incidents and emerging issues.

Logging and Monitoring

  • Design and implement security monitoring and alerting.
  • Troubleshoot security monitoring and alerting.
  • Design and implement a logging solution.
  • Troubleshoot logging solutions.

Infrastructure Security

  • Design edge security on AWS.
  • Design and implement a secure network infrastructure.
  • Troubleshoot a secure network infrastructure.
  • Design and implement host-based security.

Identity and Access Management

  • Design and implement a scalable authorization and authentication system to access AWS resources.
  • Troubleshoot an authorization and authentication system to access AWS resources.

Data Protection

  • Design and implement key management and use.
  • Troubleshoot key management
  • Design and implement a data encryption solution for data at rest and data in transit

Testing Tips

Take Your Time!

It is extremely important to take your time and thoroughly read the questions. The exam authors will throw in very particular words or phrases that can change what the correct answer is, based on one key detail that is given. Two key phrases to hone in on that I noticed from the practice tests Iā€™ve taken and the real exam is the use of ā€œmost cost effectiveā€ or ā€œminimal operational overheadā€. These two details can throw you off during the test if you donā€™t pay close attention to the responses you have to choose from. If you see these two phrases, donā€™t jump for the first answer that sounds correct. Look at all the answers, and refer back to those key phrases. Ask yourself, ā€˜Is this really the most cost effective route?

Process of Elimination

Just like taking any other form of exam or test, try and use the process of elimination when you arenā€™t quite sure what the answer is. Using the process of elimination can help in saving time as it allows you to focus your attention on the choices that more accurately answer the question being asked. Sometimes there can be a choice that is completely wrong and not even close to the right answer allowing you to eliminate it right away. Other choices might be closer to the correct answer but also may contain one key detail allowing you to eliminate it as well. Time is the most crucial resource when it comes to taking the exam and saving as much as possible is key.

Question Flagging

It is also good practice to flag a question to come back to later on so you can make sure to not run out of the allotted time. This is such a key test taking tip for anyone who may be an over-thinker like myself. It allows you to knock out the questions you are most sure of and then loop back and really reread the questions and answers of the ones you are more unsure of while preserving as much time as you can. If you use these tips and head into the exam with a confident attitude, thereā€™s no doubt you will walk out with a passing score!

Study Resources

There is tons of material out there geared towards helping people prepare for and pass this exam. There is no right or wrong choice when it comes to the material you use as long as you feel comfortable and confident to take the exam once you have completed the course/practice tests of your choosing. A Cloud Guru (ACG) and Tutorial Dojos were two of the best resources I have found for preparing myself for any AWS Exam Iā€™ve taken. The ACG course has 21.6 hours of content to go through, including 123 lessons, 8 quizzes, 2 hands-on labs and 1 final practice exam for this particular AWS cert. I canā€™t recommend their courses enough for any exam you may be preparing for. The ACG team does an amazing job of hitting the topics that are going to come up the most on the exams, providing the needed knowledge to not only expand your skills but to also be ready to pass the exam.

Tutorial Dojos is my unanimous winner and go-to for everything related to certification practice exams. Their practice tests are absolutely amazing! The practice exams offered from them were such a huge study resource. The exams do a very good job of preparing you for the exact style of questions you are going to see on the actual exam. The nicest feature about their practice tests for me was that after finishing it, they give you a small excerpt on what the correct answer is and why that is the correct answer. This feature really allows you to understand why you may have gotten a question wrong, which for me is a huge positive learning experience. There are even links in these excerpts to lead you to even more information about that topic or service. Occasionally they also include short videos that will discuss the topic even further to really make sure you understand the reasoning behind the correct choice. Between these two resources I was more than prepared to take the exam and crush it!

Whatā€™s Next

Now that I have completed three AWS certifications and have a greater understanding of the offerings and tools from AWS, along with knowing how to properly address security in a cloud environment, I am going to shift my learning to another HOT topic in the cyber domain, containers. The next certification I am going to be pursuing is the Certified Kubernetes Administrator (CKA). This will be a great cert to open the door for me into the world of how containers work along with how to properly secure them. I will use the aforementioned tips that I have learned from this experience for future certifications that I will pursue. Sadly Tutorial Dojos does not offer any study materials related to the CKA certification exam. To study for the certification I will be using the course offered by The Linux Foundation to prepare for the exam. They offer amazing content which includes 35 hours of course material, hands on labs & assignments and you can purchase a package that includes an exam registration token.

Taking a certification exam isnā€™t just about acquiring the cert itself; the biggest thing is the knowledge and skills you gain while preparing for the exam. Even with a failed attempt, you still gained knowledge you previously did not have and can focus on the areas you can improve. Within the cyber world there are endless things to learn, all of which play a role in the overarching world that is cyber. Learning new things is just like leveling up your character in a video game, youā€™ve now unlocked a new skill to bolster your utility belt making you even more dangerous. Never stop growing and learning new things! Also remember at the end of the day to always bet on yourself!

If you have any questions, or would like to discuss this topic in more detail, feel free to contact us and we would be happy to schedule some time to chat about how Aquia can help you and your organization.

Categories

aws security Certification