I took and passed the AWS Certified Security Specialty exam today, and thought I'd jot down my thoughts on the exam, what I used to study, and how I think it would help someone in InfoSec in their career.
I started studying roughly 6 months ago, but it was really just casually looking at the exam topics, reading some whitepapers, and taking a really lax approach. Roughly 2 months ago I made it a goal to complete the exam before August. Here are the study materials I used:
- ACloudGuru Courses – https://acloudguru.com/
- Pricey monthly subscription, but definitely worth the money. I would not have passed the exam without this sub. They offer a ton of videos, 20+ hours for this exam, and go over every domain the exam covers. They also have an online sandbox and labs so you can actually get some hands-on experience with some of the services you're learning about. Their practice tests were also a useful gauge of my progress as I was studying.
- AWS FAQs – https://aws.amazon.com/faqs/
- Before the exam, go over the FAQs for CloudWatch, Config, GuardDuty, Inspector, Shield, WAF, ACM, Macie, Organizations, and KMS.
- AWS Whitepapers – Look up the whitepapers on DDoS attacks, KMS best practices, and logging in AWS.
- YouTube videos, specifically:
- Becoming an IAM Policy Master – https://www.youtube.com/watch?v=YQsK4MtsELU
- VPC Connection Options – https://www.youtube.com/watch?v=jZAvKgqlrjY
- Security MasterClass – https://www.youtube.com/watch?v=zU1x5SfKEzs
- The Tutorials Dojo AWS Security Study Guide – https://portal.tutorialsdojo.com/product/tutorials-dojo-study-guide-ebook-aws-certified-security-specialty/
You NEED to know KMS inside out. If you can master that service you're halfway to passing. Have a good, solid grasp of all of the security services. Know how to secure EC2 instances and S3 buckets, both with IAM policies and using AWS services. Know how to securely rotate passwords, when to rotate credentials, and how to respond to the exposure of access keys.
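The "respond to the exposure of access keys" item above is the one that comes up in practice, so here is an added example of the first-response steps, not code from the original post: find the key's owner, set the key to Inactive (not delete it, so the key ID stays visible for the investigation), and pull the CloudTrail events made with that key over a lookback window. The key ID, user name, and the fake IAM and CloudTrail clients are constructed so it runs offline; pass real `boto3.client("iam")` and `boto3.client("cloudtrail")` objects to run the same calls against an account.

```python
"""Added example: contain an exposed IAM access key and gather its recent use.

The helper takes boto3-style IAM and CloudTrail clients as parameters so it
can be exercised offline against the constructed fakes below (an assumption
of this example, not anything from the original post).
"""
from datetime import datetime, timedelta, timezone


def respond_to_exposed_key(iam, cloudtrail, access_key_id, lookback_hours=24):
    """Deactivate the key, then return who owned it and what it did recently.

    Deactivation cuts the attacker off immediately while keeping the key in
    IAM for forensics; delete it only after the investigation is closed.
    """
    # 1. The owning user is needed for update_access_key.
    owner = iam.get_access_key_last_used(AccessKeyId=access_key_id)
    user_name = owner["UserName"]
    last_used = owner.get("AccessKeyLastUsed", {})

    # 2. Contain: Inactive, not deleted.
    iam.update_access_key(UserName=user_name, AccessKeyId=access_key_id, Status="Inactive")

    # 3. Evidence: CloudTrail supports AccessKeyId as a lookup attribute.
    end = datetime.now(timezone.utc)
    start = end - timedelta(hours=lookback_hours)
    events, token = [], None
    while True:
        kwargs = {
            "LookupAttributes": [{"AttributeKey": "AccessKeyId", "AttributeValue": access_key_id}],
            "StartTime": start,
            "EndTime": end,
        }
        if token:
            kwargs["NextToken"] = token
        page = cloudtrail.lookup_events(**kwargs)
        events.extend(page.get("Events", []))
        token = page.get("NextToken")
        if not token:
            break

    # IAM calls made with a leaked key usually mean the attacker tried to persist.
    suspicious = [e["EventName"] for e in events if e.get("EventSource") == "iam.amazonaws.com"]

    return {
        "user": user_name,
        "last_used": last_used,
        "event_count": len(events),
        "suspicious_iam_calls": suspicious,
    }


# Constructed fakes so the example runs offline. They mimic only the fields
# the function reads; the key ID and user name are made up.
class FakeIam:
    def __init__(self):
        self.keys = {"AKIAEXAMPLEEXPOSED01": {"UserName": "ci-deploy", "Status": "Active"}}

    def get_access_key_last_used(self, AccessKeyId):
        return {
            "UserName": self.keys[AccessKeyId]["UserName"],
            "AccessKeyLastUsed": {
                "LastUsedDate": datetime(2021, 7, 30, 12, 0, tzinfo=timezone.utc),
                "ServiceName": "sts",
                "Region": "us-east-1",
            },
        }

    def update_access_key(self, UserName, AccessKeyId, Status):
        self.keys[AccessKeyId]["Status"] = Status


class FakeCloudTrail:
    """Returns two pages so the pagination loop is exercised."""
    PAGES = [
        {"Events": [
            {"EventName": "GetCallerIdentity", "EventSource": "sts.amazonaws.com"},
            {"EventName": "ListBuckets", "EventSource": "s3.amazonaws.com"},
        ], "NextToken": "page2"},
        {"Events": [
            {"EventName": "CreateUser", "EventSource": "iam.amazonaws.com"},
        ]},
    ]

    def lookup_events(self, LookupAttributes, StartTime, EndTime, NextToken=None):
        assert LookupAttributes[0]["AttributeKey"] == "AccessKeyId"
        return self.PAGES[1] if NextToken == "page2" else self.PAGES[0]


if __name__ == "__main__":
    iam, trail = FakeIam(), FakeCloudTrail()
    print(respond_to_exposed_key(iam, trail, "AKIAEXAMPLEEXPOSED01"))
```

Two things the function deliberately does not do: it does not rotate the user's other keys or revoke active STS sessions (the attacker may already hold temporary credentials minted with the leaked key), and it does not delete the key. Both belong in the follow-up once you know which workloads depend on that user.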
This course was useful in exposing me to a lot of security services that I don't use day to day in my job. It also gave me a lot of insight into how to respond to security incidents in the cloud, and was useful in teaching me how to structure environments securely. I also got a ton of ideas out of the course for useful alerts within my AWS environment.