My Journey to AWS Certified Security - Specialty

Published on October 23, 2024

Introduction

My journey to becoming AWS Certified Security - Specialty began in January 2023 after successfully passing the AWS Certified Cloud Practitioner exam. I set my sights on this certification as a means to deepen my understanding of cloud security, AWS services, and best practices. In this write-up, I'll take you through the steps, resources, and experiences that shaped my path to achieving this significant milestone in my career.

Preparation and Resources

I began by learning the basics from the "Ultimate AWS Certified Solutions Architect Associate SAA" course by Stéphane Maarek. This course provided a solid understanding of AWS services. Then, I dived deeper into security with courses like "AWS Certified Security Specialty 2023" by Zeal Vora (Thanks to Zeal for giving me a discount voucher), "AWS Certified Security – Specialty" by Chandra Mohan Lingam (Thanks to my manager Devan Nair for purchasing this course), and "Ultimate AWS Certified Security Specialty" by Stephane Maarek. Each of these courses taught me something different, but I liked Zeal Vora's content the most.

Professional Background

My role as a Security Engineer at Acko involves responsibilities such as Security Automation, Implementing Cloud Infrastructure Security Monitoring, and Building Detections and Incident Response capabilities. With approximately 2.5 years of experience in the cybersecurity domain, I had already worked with several services covered in the exam, which significantly eased my preparation process.

Hands-On Experience

To gain practical experience, I utilized $75 in AWS credits obtained from various AWS events like Summit and Innovate. This allowed me to enable services not included in the free tier, such as AWS WAF. I highly recommend creating your own labs and practicing extensively by building resources and exploring all available options. If you need inspiration, you can even use tools like ChatGPT to suggest security scenarios for hands-on labs.

Example prompt: Please provide 20 AWS security scenarios for creating hands-on labs involving vulnerable AWS resources. These scenarios should require participants to respond to security incidents and learn how to remediate vulnerabilities.

Exam Domains

The AWS Certified Security - Specialty exam is structured around six domains, each carrying a specific weight:

• Threat Detection and Incident Response
• Security Logging and Monitoring
• Infrastructure Security
• Identity and Access Management
• Data Protection
• Management and Security Governance

My prior experience in domains 1, 2, 4, and some exposure to domain 6 through my work made those areas more familiar. However, domains 3 and 5 were new terrain for me, requiring additional effort in my preparation.

Exam Experience

The exam consisted of 65 scenario-based questions, with a four-hour time limit. To tackle the pressure, I scheduled it for a Saturday morning. I found the questions relatively manageable, though some were tricky. The ability to relate questions to real-life scenarios proved invaluable in cracking the exam, and I completed it in approximately 2.5 hours.

Conclusion

The AWS Certified Security - Specialty journey was a rewarding one that tested my knowledge and skills in cloud security. My hands-on experience, professional background, and dedication to learning were the pillars of my success. I practiced with questions from multiple sources, utilizing both online resources and various PDFs.

In conclusion, I encourage those pursuing this certification to embrace hands-on practice, relate exam scenarios to real-life situations, and draw upon available resources to solidify their knowledge.

Good luck with your next AWS certification, and I hope this documentation proves helpful on your journey!

Sunil K.