Hi and welcome to AWS Julie. Today I wanted to talk about exam tips for the AWS Certified Security Specialty exam!
This is a great exam for anyone working in AWS or in the cloud to make sure you have the tightest security possible to secure your cloud infrastructure. It really is crucial for everyone to understand and implement security in your environment.
For this certification exam, I used the Linux Academy training course to prepare. The course takes an extremely deep dive to help you understand how to apply and implement security with different scenarios. I am going to say that it would be impossible to just memorize for this exam because the questions are scenario-based, so you have to understand the environments, infrastructure, and how to secure it as best as possible.
And like I do for all my preparations, I ran through the course twice, completed all the labs at least twice, and the practice exam multiple times. I found the Linux Academy labs are so essential to getting that hands-on experience, which also helps you remember the material so much more.
My exam had 65 questions with 170 minutes to complete, and even though that seems like a lot, it really is not since you have to read the scenario questions and answers and then pick the best choice. My first tip is to read the question twice: the first time to get familiar and the second time to pick out key words and what the question is asking, so you can choose the best configuration to solve the problem. By actually understanding the security concepts needed for this exam, you should have enough time at the end of your exam to go back and review your questions and answers. Reviewing is really important because sometimes down the line you will have a question that actually answers a previous question that you saw earlier in the exam. This is one of the reasons that practice exams and quizzes can really help you prepare for this exam. The more practice questions you do, the better you become at reading comprehension and at picking out key words. Usually with the AWS exams, there are 2 correct answers, but one of the 2 is a better choice or is more correct, more secure, etc. And remember, this is key: make sure you dive deep into the areas where you are weak and keep answering questions wrong.
I saw questions on incident response, VPC, NACLs, Security Groups, policies (what a particular policy is missing), logging, monitoring, IAM, data protection, big data questions, S3, Athena, Macie, CloudWatch, CloudTrail, intrusion detection, reducing blast radius, a few on KMS, HSM, SSM, a couple on encryption, Lambda, Config, Cognito, Shield, GuardDuty, WAF, etc. Again, I found the course does a great job covering these services, but I would recommend really understanding IAM, KMS, logging and monitoring, connectivity, and incident response before you sit for this exam.
Another tip is if you come upon a question in your exam and you get stuck, then flag that question and move on, because like I said earlier that question may be answered later on in the exam, but also because you have to manage your time. Also I like to try to visualize the correct answer before I look at the answers, and definitely use the pencil and paper that is provided to draw out the architectures and designs so you can see the question physically.
Do not forget to read the recommended whitepapers; the FAQs are great too.
Security is so important in any environment and this is a great certification to have! Plus the preparation to pass this certification can only help build your own knowledge and help you follow best practices.
If you need help, please reach out! I am always happy to help in any way!
Let’s get started and get ready to ACE this exam!