Introduction
Have you ever wondered what it takes to become an AWS Certified Security Specialist? Do you want to learn how to secure and harden your AWS workloads and architectures? If so, you are reading the right blog post. In this blog post, I will share with you my journey to becoming an AWS Certified Security Specialist. I will tell you:
- Purpose - Why I chose this certification?
- Exam Overview in brief.
- How I prepared for it?
- Tips and advice on how to ace the exam and get certified.
By the end of this blog post, you will have a better understanding of what the AWS Certified Security Specialty certification is, what its requirements and objectives are, and how to achieve it.
About me
Before I tell you more about my journey, let me introduce myself. My name is Hasmukhray Rathod and I am a chief engineer at NTT Data Intellilink Corp. I have been working with AWS for over 5 years and I have always been interested in learning more about its security features and best practices. I have passed the following certifications in my AWS certification journey so far:
- AWS Certified Developer – Associate (February, 2018)
- AWS Certified Solutions Architect – Associate (May, 2019)
- AWS Certified SysOps Administrator – Associate (August, 2020)
- AWS Well-Architected Proficient (February, 2022)
- AWS Certified Security – Specialty (January, 2023)
Purpose
I decided to pursue the AWS Certified Security Specialty certification because I wanted to validate my skills and knowledge in securing and hardening AWS workloads and architectures. I also wanted to challenge myself and grow professionally in the cloud security domain.
Exam Overview
Here is a brief overview of the exam:
Target Candidate: Candidate should have 5 years of IT security experience in designing and implementing security solutions.
Length: 170 minutes to complete the exam
Cost: 300 USD
Format: 65 questions; either multiple choice or multiple response.
Delivery method: Pearson VUE testing center or online proctored exam.
Exam Content Outline
Domain | % of Exam |
---|---|
Domain 1 : Incident Response | 12% |
Domain 2 : Logging and Monitoring | 20% |
Domain 3 : Infrastructure Security | 26% |
Domain 4 : Identity and Access Management | 20% |
Domain 5 : Data Protection | 22% |
How I prepared?
To get ready for my certification exam, I followed a study plan that was based on the exam objectives and domains. Besides using the official exam review materials, I also enrolled in some online courses on Udemy and the AWS Skill Builder portal that are related to AWS Security domains. The resources I used are listed below:
Udemy Courses (Included in Company's Business account)
AWS Skill Builder Courses (Free)
- AWS Security Best Practices: Overview
- AWS Security Best Practices: Network Infrastructure
- AWS Security Best Practices: Monitoring and Alerting
- AWS Security Best Practices: Computing
- Protect Your Web-facing Workloads with AWS Security Services
- Deep Dive with Security: AWS Identity and Access Management (IAM)
AWS Skill Builder - PartnerCast Series (Free with AWS partner account)
- AWS PartnerCast - Certification Journey - AWS Certified Security Specialty (SCS-C01) Exam Readiness session : 1 of 6 - Technical
- AWS PartnerCast - Certification Journey - AWS Certified Security Specialty (SCS-C01) Exam Readiness session : 2 of 6 - Technical
- AWS PartnerCast - Certification Journey - AWS Certified Security Specialty (SCS-C01) Exam Readiness session : 3 of 6 - Technical
- AWS PartnerCast - Certification Journey - AWS Certified Security Specialty (SCS-C01) Exam Readiness session : 4 of 6 - Technical
- AWS PartnerCast - Certification Journey - AWS Certified Security Specialty (SCS-C01) Exam Readiness session : 5 of 6 - Technical
- AWS PartnerCast - Certification Journey - AWS Certified Security Specialty (SCS-C01) Exam Readiness session : 6 of 6 - Technical
AWS White Papers (Free)
- Security Pillar – AWS Well Architected Framework
- AWS Security Best Practices
- AWS KMS Best Practices
- AWS Security Incident Response Guide
Practice makes perfect (Free)
- Exam Readiness: AWS Certified Security - Specialty
- AWS Certified Security - Specialty Official Practice Question Set (SCS-C01 - English)
- The AWS Certification Quiz Show: Security - Specialty exam, Episode 2
- The AWS Certification Quiz Show: Security - Specialty exam, Episode 3
- AWS Certified Security - Specialty Sample Questions
- PAID - Whizlabs Practice Tests
All the resources I mentioned above are free and publicly available except the Whizlabs practice tests.
Tips and Advice
There is no shortcut to clear this exam. You must get a clear idea of the security concepts and hands-on experience with AWS security services. Let me share some high-level questions. You must be able to answer those questions with the appropriate AWS services.
Questions | Services |
---|---|
How do you manage authentication & authorization for people and machines? | IAM, IAM Identity Center, AWS Organizations, AWS Resource Access Manager |
How do you protect your network & compute resources? | AWS VPC, AWS Network Firewall, AWS PrivateLink, AWS WAF, AWS Firewall Manager, AWS Shield |
How do you classify your data? How do you protect your data at rest? How do you protect your data in transit? | Amazon Macie, AWS KMS, AWS Certificate Manager, AWS Client VPN, AWS Secrets Manager |
How do you detect and investigate security events? How do you design security monitoring and alerting? | AWS CloudWatch, AWS Security Hub, AWS GuardDuty, AWS Inspector, AWS Config, AWS CloudTrail |
How do you anticipate, respond to, and recover from incidents? | Amazon Detective, AWS EventBridge, AWS Backup |
Conclusion
Security is the highest priority for any organization. When moving on-premises workloads to the cloud, data security and infrastructure security are the biggest concerns. By preparing for the AWS Security Specialty, you will study the security domains thoroughly. Applying those concepts in cloud projects makes your workloads secure and reliable.
In this blog post, I have not discussed each domain in detail. Based on the response, I may plan to write a detailed blog post for each domain with best practices.
Thank you very much for spending time on this blog post. Your comments and feedback are highly appreciated.
Keep Learning, and Keep Practicing.