AWS Security Speciality

scascscasc Posts: 170Member ■■■□□□□□□□
Dear all,

I will be obtaining the solution architect - associate in July with a view to attempting the security speciality later on (I work as a security architect). I wanted to ask if the ACG security speciality course covers the material well enough to pass the exam? If not, what specifically should be done/studied to attempt to pass the security speciality exam?

Thanks in advance...
MSc, BSc (Hons), AWS CSA, C-CISO, CISSP, CISM, CISA, CRISC, GSNA, CEH, CHFI, TOGAF, CISMP

Comments

  • cochi78cochi78 Member Hannover, GermanyPosts: 57Member ■■□□□□□□□□
    Sorry for a late reply.

    I felt the course prepared me well for the test, especially the detail sections about importing keys into KMS, CloudHSM usage and policy precedence resulted in some quick points on my side. When I took it, it was still the beta state (after the exam was cancelled) and very rough cut. But I've noticed the course has been refined and the additional sections look well enough. I did not do a rerun of the bad parts, so can't say if those got fixed (bad audio editing, missing sections). I guess that's done though.

    So: yup.

    2019 Goals - LPIC 701, CASP, CISA, CISSP, CRISC, CISM
    2019 Recert - AWS ANS, AWS SCS, Docker Associate, CySA+
  • scascscasc Posts: 170Member ■■■□□□□□□□
    Fantastic - many thanks for letting me know. Will get on this right away - doing my solution architect - associate first next month. Was contemplating doing the professional after. Do you think worth doing?
    MSc, BSc (Hons), AWS CSA, C-CISO, CISSP, CISM, CISA, CRISC, GSNA, CEH, CHFI, TOGAF, CISMP
  • cochi78cochi78 Member Hannover, GermanyPosts: 57Member ■■□□□□□□□□
    Definitively worth doing and one of the really appreciated certifications. But it's hard, with 70-78 questions in 170 minutes and those being rather lengthy and detail-oriented. Professionals are less about knowing the right thing, but about applying it to customer requirements. TBH my recert some weeks ago felt easy, but I have been doing nothing than those topics for like 3 years now, so I am not typical.

    Prep for those is mainly also on acloud.guru/LinuxAcademy, then reading all the service FAQs, most relevant whitepapers and of course once again CloudPros app / Whizlabs practice tests.

    Wish you luck :)

    2019 Goals - LPIC 701, CASP, CISA, CISSP, CRISC, CISM
    2019 Recert - AWS ANS, AWS SCS, Docker Associate, CySA+
  • scascscasc Posts: 170Member ■■■□□□□□□□
    Thanks for the feedback - really useful.

    I work as a security architect, doing more work within cloud security architecture and wanted to see which one I should look at = either architecture professional or security speciality. I'm torn between the two tbh.
    MSc, BSc (Hons), AWS CSA, C-CISO, CISSP, CISM, CISA, CRISC, GSNA, CEH, CHFI, TOGAF, CISMP
  • fascfasc Posts: 13Member ■■□□□□□□□□
    I sat the Beta exam on March 2nd. Got the result back a few weeks ago with a score of 880 out of 1000. The passing score is 750.

    This is a copy of my feedback from the day I took the exam. I think it is still applicable.


    I sat the AWS Certified Security - Specialty Beta today and felt well prepared. I'm really hoping I passed. I also did the ACG course but went further in the preparation. Also watched several ReInvent 2017 videos on security topics and took some notes on those. Then I read several of the Whitepapers and did many labs to fully understand the security features. This extra effort was essential during the exam as many questions were not completely covered by the ACG videos. Nonetheless, this is a Beta Exam so I know some topics are unpredictable.

    I highly recommend you do the CSAA first. I also did the CCP as a pre-requisite for the Security Exam but then realized I needed a better grasp of basic AWS features before doing the Security. Thus, I studied for the CSAA and passed that a couple of weeks ago. I was a lot better prepared for the Security Exam than I was for the CSAA. That's why I'm hoping I'll pass.

    Knowledge from the ReInvent 2017 videos is key as they fill in some very specific details of KMS, incident response, and IAM. I even felt like one KMS scenario question on the exam was poorly formulated as I had just watched Ken Beer's presentation on KMS explaining how KMS Policy is KING and trumps IAM policy. The exam question seemed to ignore that fact and in essence, should have no right answers.

    Finally, after you have completed the CSAA on ACG, watch the S3 Masterclass and the Sysops classes as well. Some complementary material in those.
  • scascscasc Posts: 170Member ■■■□□□□□□□
    Many thanks for the feedback. Which videos did you watch specifically for ReInvent as I have seen there are many? Am also going for the AWS security operations class later this year which should hopefully reinforce the things needed to pass.
    MSc, BSc (Hons), AWS CSA, C-CISO, CISSP, CISM, CISA, CRISC, GSNA, CEH, CHFI, TOGAF, CISMP
  • cochi78cochi78 Member Hannover, GermanyPosts: 57Member ■■□□□□□□□□
    Fun fact about that class: if you take the class after November 1st, the instructor will be required to have passed the Security Specialty himself, so he can actually answer questions about it and probably tailor the course a bit.

    Before November, the criteria for instructors are weaker as the Security Specitalty is so new, that AWS granted us a roughly 6 month transition window :)

    2019 Goals - LPIC 701, CASP, CISA, CISSP, CRISC, CISM
    2019 Recert - AWS ANS, AWS SCS, Docker Associate, CySA+
  • scascscasc Posts: 170Member ■■■□□□□□□□
    Good to know, thanks for sharing. Gives a bit more assurance around what is required to pass the exam.
    MSc, BSc (Hons), AWS CSA, C-CISO, CISSP, CISM, CISA, CRISC, GSNA, CEH, CHFI, TOGAF, CISMP
  • nawanisnawanis Posts: 20Member ■□□□□□□□□□
    Are you looking for Security related videos?
    I can let you know.
    Thanks,
    Ashok
Sign In or Register to comment.