How I Passed the AWS Certified Security Specialty (SCS-C01)
Updated: Nov 29, 2022
After about three months of studying, I was finally able to pass the AWS Certified Security Specialty (SCS) with a 773!!!
Compared to the AWS exams I've taken, this one was a bit of a challenge. For starters, the exam is about 2 hours and 50 minutes long, and the questions were exceptionally detailed. About halfway through the test, I burned through half of the time allotted, and I had to rush a bit to finish it so that I had time to review my answers. So, you'll want to make sure you're managing your time well!
This exam was definitely not as easy as I thought it was going to be. Compared to the various other AWS exams I've taken, this one definitely took the longest to prep for. Listed below are the resources I've used to prepare for this exam:
I thought the course that ACG released was fairly decent considering the lack of courses that are available for the Security Specialty. The course is about 14 hours long and contains two hands-on labs that are pretty satisfactory. In addition, ACG offers a sandboxed environment for you to practice and follow along with the hands-on lectures. This is by far the best feature that ACG has released, but it is pretty expensive. For the course and access to the sandbox environment, you'll need to pay for the Personal Plus subscription, which is $47 USD a month. If you don't need the sandboxed environment, you could just pay for the Personal Basic subscription, which is $35 USD a month. Personally, I'd recommend saving time and getting the Personal Plus so that you don't risk owing AWS just in case you forget to terminate resources and disable security services like GuardDuty.
Both of the instructors are fairly good at breaking down some of the important services that are on the exam, however, I don't believe this course really goes into great depth of the security services. Therefore, you'll need to definitely read the FAQs and whitepapers to complement the lectures and labs. The links to the whitepapers are located in the AWS ACG course. To finish this course, I spent about 2 hours a day on the weekdays and between 2-4 hours on weekends, with some missed days in between due to life's disruptions and lab streaming with Whizlabs. I finished the course in about 1 month and a half.
Now, if you're not feeling ACG, then I would suggest Whizlabs. Whizlabs has a course for the Security Specialty with a variety of labs. This is a token-based system and you'll have to pay for tokens to use for labs, so keep that in mind. However, you could buy the yearly subscription for $99 USD and save yourself from buying credits and have access to a plethora of content for several cloud providers. I used Whizlabs specifically for their labs and streamed them on Twitch and YouTube. The labs were amazing, and I definitely believed they helped me understand the services much better than I would have by just looking at the video. If you'd like to take a look at these labs and do them with me (#LabWithMe), please take a look at my YouTube channel!
As far as practice exams and additional study content, I used Jon Bonso's practice exams and cheat sheets. You NEED to leverage these resources to pass the exam. As always, his practice exams are much harder if not on par with the actual exam. There are about 3 practice exams with ranging questions that are constantly updated when the AWS exam is updated (which hasn't been updated just yet), so don't buy another course! For the first round of testing, I scored between the high-60s and mid-70s, which wasn't so bad for the first try. After some more reviewing of services, whitepapers, and labs, I scored in the mid-80s and high-90s on the second try. Before you sit for the exam, it is always recommended you score in the mid-80s and up on all of your practice exams. Also, make sure you understand all of the security services in GREAT detail. In addition, make sure you truly understand EVERYTHING about identity access and management (IAM) and key management service (KMS). Understand your logging services such as CloudWatch and CloudTrail as well. There is one Re:Invent video that I would recommend you watch to better understand IAM:
Becky Weiss’ fantastic Reinforce talk “The Fundamentals of AWS Cloud Security"
If you do not have any associate certifications, I highly recommend you snag the AWS SAA or CDA before writing this exam, because the knowledge of how services work together will help you pass this exam tremendously. If you have any security certifications, it would also help break down some of the troubleshooting questions as well.
That is all that I have for you. Thanks for reading, and good luck if you are attempting to pursue this exam!