Anyone responsible for securing assets in Amazon Web Services may want to pursue the AWS Security Specialty certification. The exam has given me confidence to work at a professional level on any of the domains covered in the exam.
What is it?
The AWS Security Specialty certification was designed for professionals that currently work in security within Amazon Web Services. The recommended prerequisites are:
- Two years of hands-on experience securing assets within AWS.
- Comfortable with security controls for workloads on AWS
- Minimum of 5 years of IT security experience designing and implementing security solutions
These domains include:
- Incident Response
- Logging and Monitoring
- Infrastructure Security
- Identity and Access Management
- Data Protection
Someone who carries this certification will know AWS Identity Management inside and out. They will have the ability to write custom policies to provide least privilege for most AWS services. Security professionals with the AWS security specialty will also know what services to use to protect against specific types of threats and how to respond during an incident within AWS. Last the individual will understand methods of logging and alerting on all AWS services to provide actionable or automated responses to suspicious or malicious activity.
My studying was spread over multiple months due to “life”, but I would expect a security professional with a few years of experience to study about 3 months for this exam. Study material, at the time of this blog, was limited. I found a few great resources that I would like to mention.
I started studying with Linux Academy. This site was the most helpful for passing the exam due to the hands on portions of the studies. Linux Academy allows subscribers to configure and test costly AWS features within the temporary AWS accounts created during the course. While using Linux Academy I read a few beneficial AWS whitepapers listed below and listened to the AWS podcasts on the commute to and from work.
Next, after completing Linux Academy, I moved on to A Cloud Guru. While working on this study material, I watched a few great re:Invent videos on Youtube and continued with the AWS podcasts.
Last, I started the practice questions from Linux Academy and A Cloud Guru. A Cloud Guru questions felt more accurate to actual AWS Security Specialty Exam. I used whizlabs to test when I did not have much time to take a full set of 65 questions, and finally I did use a voucher from my last AWS certification to redeem an official AWS Security Specialty Practice Exam.
*TIP* The official AWS Security Specialty Practice Exam does not show correct answers upon completion. Move slowly through the questions and research any answers you are not sure about before completing the exam.
- AWS Whitepapers (Yes, they do help)
- Re:Invent Podcast
- Official AWS Podcast
- Linux Academy
- A Cloud Guru
- re:Invent IAM Policy Master
- re:Invent DDOS Best Practices
- re:Invent KMS Best Practices
I recommend showing up early for the test to ensure you are not late starting due to other testers getting signed in.
During the exam I felt that the questions were fair, and required the reader to choose the best option based on the needs described in the question. For example, though some answers were technically correct, that answer may not have been the cheapest option preferred by the subject in the question. Very few questions in the test required only knowing what the services did or what they are used for. All other questions required a deep understanding of how to deploy and secure a solution. I moved through the questions quickly and just marked the questions I was not sure about for review at the end. Once I had answered all the questions I slowly went back through the marked questions. Be careful changing these questions, you are usually correct on the first go-around.
Results are displayed immediately after completing the questions and the short survey at the end.
Overall, I felt like the AWS Security Specialty exam has prepared me to confidently secure assets/resources within AWS and provide security feedback for current cloud deployments. I also feel the exam has allowed me to quickly troubleshoot/respond to security issues and resolve them based on least privilege and best practices.
Feel free to reach out in the forum if you have any questions, and until next time, stay safe in the Trenches of IT!