Congratulations !! You have chosen this course. So you are already ahead of so many peoples.
I will not bore you by saying about exam and evaluation process as you already know this and TIME is too precious. Here, I will directly share my experience of passing the exam instead of explaining whole process. So let's get started.
This exam will assume that you already have associate-level knowledge of AWS (It's not prerequisite but still best practice) and some knowledge about Security is also good to have. Then, when you start preparing, go through deeper in services given in AWS's guide. But don't take too seriously what it recommends (5 years of experience), I have 1 year of industry experience and I have passed the exam by hard work.
Let's have glance on how to prepare for the exam with strategic planning which you can also follow….
Just like you, I had also researched tips and tricks before giving an exam so the exam was as hard as expected. There are so many questions describing scenarios in which you need to choose the best suitable things. You should also read the question properly. They will try to confuse us with some word tricks.
I have prepared from the Linux Academy course, mainly. You can also go for ACloudGuru too. In addition, I found AWS Re: Invent videos are too good. I would suggest to go through higher level videos of Re: Invent. (Level can be checked by a code given in title 1xx 2xx 3xx 4xx) Also, AWS whitepapers are a better choice to go through it. I read KMS best practices, DDOS protection and also Security best practices. You can also use community channels to discuss your questions like Linux Academy has one in slack and maybe Acloudguru has it too.
For practice exam, I experienced with some few questions available on the Internet (Usually I find it using Google tricks ;)). For this exam, I had tried the Whizlabs practice test from Udemy. Also, try not to skip AWS sample questions. I had also taken the AWS Practice exam which has 20 questions in 1-hour limit. But don’t be dependent on practice exams, I didn't get any question from any practice exams. This thing is dependent upon your understanding of concepts.
Download Exam Guide
- In-depth knowledge about KMS is required. You should consider learning policies, privilege separation, rotation, use of keys, types of keys. Also, how it integrates with other services.
- Know that it records API calls of your accounts. Also, how to troubleshoot event occurred.
- Monitoring service but much more things can be done with it
- It is must to know and detect root cause.
- You should know IAM policy conditions and also know how to evaluate permissions from Service Policy - User Boundary - User attached Policy - Resource-based policy
Trusted Adviser and Config
- I have encountered some confusions in these two.
And the list goes on….
Without Strategy, Execution is aimless.
The main thing I like about Security Specialty exam is we have more than enough time to complete the answers. But you should know that questions will take more time than it takes in practice exams.
Read the question properly and try to think basic things the given service can/can't do. Based on that eliminate the options. I can exclude half of the choices by this method in most of the questions.
Make notes of what you have learned. This might seem too basic thing but most people avoid this. I had avoided taking notes in my college days but I am sure you will get benefited by taking notes for this. Try to summarize what you have learned in videos. It will help you to revise things quickly. Suppose, I have not taken notes, then at the time of revision I need to watch the videos again and it will consume too much time again even if I watch it at double speed. Just revise the notes and you will understand concepts in a few minutes rather than watching videos again.
And don't forget
Without execution, Strategy is useless.
It is said that "Sharing is learning", so discuss with others what you have learned and you will gain confidence.
That's it, guys. Do let me know if you stuck anywhere. I am just a Click away ;)