
Sena Yakut for AWS Community Builders

Posted on • Originally published at Medium

Passing AWS Security Specialty Exam — My Tips and Notes

I recently passed the AWS Security Specialty exam and want to share my experiences, study resources, and process with you. I hope these tips will help you to pass your exam. Let’s start together!

  • This cool exam takes 170 minutes.
  • It costs 300 USD. If you have any coupons/vouchers, you can use them.
  • The exam includes 65 multiple-choice or multiple-response questions.
  • You can take the exam at a Pearson VUE testing center or online with a proctor.
  • AWS recommends five years of IT security experience in designing and implementing security solutions and at least two years of hands-on experience in securing AWS workloads. But this is only a recommendation, not an obligation. You can still prepare for the exam.
  • You need to know AWS like a solution architect. So, it’s important to get AWS Solutions Architect certificates before this exam.

Read the AWS Documentation about the Exam

If you decide to take this certificate, you first need to read AWS documentation about the exam. These documents include general information about the exam, its scope, and some sample questions. For sample questions, I solved them on the first day of my study schedule and after that, I also solved them before the exam day. It helps you to understand your progress.

  • For the exam guide, you can use this.

  • For the sample questions, you can use this.

In addition to this, it’s important to know “AWS Well-Architected Principles”. It helps us build secure, high-performing, resilient, and efficient infrastructure for our workloads. The security side is important for this exam. You can read the security pillar whitepaper.

Use AWS Training Module

This module is very helpful for starting your certification process. It is not just for the Security Specialty; there are lots of training videos, documents, and exams to help with your cloud journey or other certifications. I used the following ones in my process:

Also, there are Cloud Quests that help you build practical AWS Cloud skills. I’ve solved the Security and Solution Architect badges, but they require a subscription. You can read more about it here.

Use Video Resources

For this exam, there are not many video resources such as full courses. But I can recommend some videos that saved me.

Practice with Example Questions

Practicing is always important. There are lots of questions in different places, but I’ve seen that many of them have wrong or outdated answers (AWS changes lots of services or adds details every year). So, it’s important to get clear and correct exam samples. For me, the most useful ones are the AWS training module questions and Whizlabs. There is a free test if you want to check. Feel free to try it if you are deciding whether to buy the tests. If you buy it, there are four full exams with unique exam practice questions.

Which AWS Services Should You Know Most?

This is a general and challenging security exam, so you should know almost all of the AWS security services. But from my experience, I strongly recommend that you know AWS KMS, AWS IAM, AWS Organizations, and AWS networking, logging, and monitoring concepts and services such as AWS CloudTrail, AWS VPC Flow Logs, etc. in all aspects. Before the exam, you need to read all whitepapers about all security services. You can take some small notes to help you recall things quickly. It’s also important to do some practice labs on all of them. It’s more important to practice something than just read about it.

My Personal Comments & Suggestions for You

  • I have other AWS certificates, but I think this is one of the most challenging. I’m working as a Cloud Security Engineer, and I have known the general cyber security and cloud security concepts since university, but in the exam, there are lots of focused and long questions about AWS security services.


  • Lots of the questions include multiple responses with example scenarios, so I think it’s important to use these services in your work or training process. You need to practice with every security service in AWS.


  • If you do not know general security concepts, you should learn all of them, such as encryption and hashing methods, algorithms, and encryption in transit/at rest concepts.


  • For the studying process, I strongly recommend solving all test questions again and again. You should make sure you know all the questions in the example exams. I’m not saying memorize everything. You need to know why we select this option. You need to know all concepts.


  • In the exam, always think of the worst-case scenario. Some questions ask you about “cost optimization or highly available architecture”. But when you’re selecting an answer for these, you do not want to be hacked. So please make sure that you select the most secure option that also meets the other conditions.


  • Some questions are more challenging than others. If you do not know anything about these, skip them, and solve questions that you are more confident about. And then, you can come back to these, take a deep breath, and try to understand the case.


  • When selecting the exam time, you should not choose midnight, because I was very tired and did not sleep well. It was hard to focus on the long questions and scenarios in a situation like this.

I hope my advice and recommendations will help you in this exam process.

Thanks for reading! Stay safe in the cloud! 🤞 ⛅️

AWS Certified Security – Specialty - Credly

Earners of this certification have an in-depth understanding of AWS security services and the shared responsibility model (between AWS and the customer). They demonstrated the ability to design, implement, and troubleshoot various security models in the AWS Cloud. Badge owners can leverage various security models for organizations of all sizes.

Top comments (3)

krlz

Sounds great, I saw many work opportunities adding AWS certificates as a requirement for the job position, thanks for sharing
