Finally, it’s here!
SCS-C01. registered last night, it is only $150 – which is much better than the usual $300 for each of the other two Specialty Exams. This beta exam will only be available from January 15th to March 2nd – so I scheduled mine on Feb 28th.
UPDATE 2/21/2018 – It appears aCloud.guru has released new content for this exam! You need your own account for acloud.guru to get it – and the price of the course is worth the 99$. The course is still mixed with some older lectures, so I don’t think Ryan is totally done – but there is definitely new content up there!
UPDATE 3/3/2018 – I took the Specialty BETA exam on Feb 28th. The questions were tough, fair – and had very minimal, if any “word trickery” at all. It was the most straight forward certification exam I have ever taken, where you are presented with facts and are choices are well worded. Good job, AWS team!
I can’t really say too much about content, because of the NDA, but I can tell you some general things. Though the BETA is over now . . .
- IAM Policies are a huge part of the exam, so please understand how all policies work; and when happens when multiple policies overlap one another. [ IAM Ninja video links below ].
- KMS was also a large part of the exam; so no surprizes there, know your KMS in and out.
- CloudWatch Agent. Know all the capabilities and what this agent does.
- IAM Federation.
Also, on acloud.guru, here is their discussion page with other people discussing their Exam experience.
Now comes the 90 wait to see if I passed. . . . I’d like to see a PASS, but if I don’t I get voucher for the general release!
Q: What happens if I do not pass the beta exam?
Candidates who do not pass the beta exam will receive a voucher to re-attempt the AWS Certified Security Specialty exam once it is released.
Ok, now the nitty gritty, what resources were needed for the BETA?
Official Exam Guide
First, here is the pdf of the AWS Exam Guide for the BETA SCS-C01
Now, here is my resource collection:
I can start by telling you I’ve already purchased the
AWS Certified Security – Specialty Course from acloud.guru
It’s the course from the original BETA exam that came out (early 2017?), but it covers all the fundamentals and the guys at acloud.guru update their content regularly when it comes to Exam courses. I believe the cost on this is $60. Outstanding value!
acloud.guru Founder Ryan Kroonenburg – Ryan sat this exam on Jan 15th in London. He made this video giving general exam experience feedback and he also said that he will be updating the above mentioned acloud.guru AWS Security course based on his experience. UPDATE 2/5/2018 [ a rep from acloud.guru told me that the course would be updated at end of Febuary 2018 ]
Next, I think this Exam will hit every corner of the AWS Universe, which means diving deep into the AWS Security and Compliance Whitepapers
Out of those, The Well Architected Framework – Security Pillar would be the one to know like the back of your hand.
Re:Invent 2017 Security Vids
After that, the AWS RE:Invent 2017 IAM Policy Ninja Video is an incredible resource and to be sure, I will watch (and practice) this multiple times over the next several weeks. And other RE:Invent 2017 Security Vids:
Five New Security Automation Improvements You Can Make by Using CloudWatch Events and AWS Config Rules
Now the AWS recomended Training for the SCS-C01 BETA exam:
Exam Topic Specific Resources SCS-C01
Domain 1: Incident Response
1.1 Given an AWS abuse notice, evaluate the suspected compromised instance or exposed access keys.
1.2 Verify that the Incident Response plan includes relevant AWS services
1.3 Evaluate configuration of automated alerting and execute possible remediation of security-related incidents and emerging issues
How to Detect and Automatically Remediate Unintended Permissions in Amazon S3 Object ACLs with CloudWatch Events
Domain 2: Logging and Monitoring
2.1 Design and implement security monitoring and alerting.
2.2 Troubleshoot security monitoring and alerting.
2.3 Design and implement a logging solution.
2.4 Troubleshoot logging solutions
Domain 3: Infrastructure Security
3.1 Design edge security on AWS.
3.2 Design and implement a secure network infrastructure.
3.3 Troubleshoot a secure network infrastructure.
3.4 Design and implement host-based security
Domain 4: Identity and Access Management
4.1 Design and implement a scalable authorization and authentication system to access AWS resources.
4.2 Troubleshoot an authorization and authentication system to access AWS resources.
Domain 5: Data Protection
5.1 Design and implement key management and use.
5.2 Troubleshoot key management.
5.3 Design and implement a data encryption solution for data at rest and data in transit.