AWS Amazon Web Services training from QA

AWS re:Invent 2016 - Security Specialty

QA's AWS Principal Technologist, Daniel Ives, is at AWS re:Invent 2016 in Las Vegas. In this second blog he shares his first impressions of the beta-stage AWS Certified Security – Specialty exam.

Daniel Ives | 1 December 2016

AWS Certified

AWS Certified Security – Specialty

I'm in Las Vegas for AWS re:Invent 2016 and I've chosen to spend most of my brief time here taking three 170-minute exams for the new AWS beta-stage certifications. "Why???", I hear you ask. Well, it's like why people choose to climb Everest. Because it's there and they can. I will attempt to conquer these three exams and feed back my first impressions of each of them in turn. Remember, these exams are all beta, so the actual exams may differ significantly from what I discuss herein.

First up is AWS Certified Security – Specialty (Beta)

What is it for?

According to the exam blueprint, this exam "measures a candidate’s ability in the area of security as it pertains to design, implementation, and troubleshooting." Clearly security is a major concern for everyone considering moving to the cloud, so being able to identify specialist personnel with a proven competence in AWS security is extremely useful.

What was it like?

In a beta, they throw loads of questions at you, so I was a little daunted at first; instead of the usual 80 questions I got 106 to worry about in my 170 minutes. It turned out that I finished with about 15 minutes remaining and, to be honest, by then I really needed to avail myself of the facilities, so I didn't spend those 15 minutes reviewing my marked answers as I normally would. I know for a fact that I got many wrong but I hope that I will have passed; I think I've done enough.

OK, but, you know, the structure?

I digress. My feeling is that it stuck to the brief. At first I felt that some of the questions were more relevant to an architecting exam, until I realised that they were all around security best practices.

There was a range of depth of question, going from broad-strokes best-practice down to a deep understanding of exactly how a given service works from a security point of view, and about AWS's compliance programme. I felt that question length was generally shorter than the Pro Architect exam, but there were some longer scenario-based questions with multiple parts.

As you'd expect from a Professional level exam, you'd struggle to pass if you'd only done a bit of reading around the subject.

What I really liked, from an exam on a security competence, were the questions on how to talk to stakeholders at multiple levels about AWS's security provisions and posture. I think that's a key part of what this certification should be about.

How hard was it?

Difficult to say, as I have no idea whether or not I passed. Ask me again in March!

I have a very simple benchmark for exam difficulty: the Certified Solutions Architect - Professional exam. I tell anyone who asks that that is the hardest exam I've ever taken and I still stand by that.

Some of the questions, naturally, I barely needed to read the answers before selecting the correct answer. Some of them, I had to perform a process of elimination on to work out which were distractors and which weren't. Some of them required applied knowledge of The AWS Way to work out. And frankly, some of them were just outright guesses.

I'd say that some of the questions were poorly worded, but that might just be sour grapes for not knowing something, and some of the answers were very similar and interchangeable. Taking a beta exam, you can provide feedback on every question as you're answering it. Those that I felt fell into this category, I did indeed comment on.

To compare this exam with the Pro Architect and DevOps exams I'd say I changed my mind about answers less often than on the Architecting and more often than on the DevOps exam. I'm not sure if that's relevant to anyone reading this post though, as their background will undoubtedly be wildly different to mine.

Final thoughts

A welcome addition to the AWS certification ouvre, I think this certification will appeal to any larger organisation and also to smaller consultancies looking to assure their customers that the cloud in general and AWS in particular are a secure deployment option.

There seems to be a clear alignment between this exam and the Security Operations on AWS course.

Cheat sheet

Sorry, if you came here for one of these, there isn't one. Work hard, play smart, and minimise your attack surface!

Related blogs

AWS re:Invent 2016 - New Certifications

AWS re:Invent 2016 - Certified Advanced Networking

AWS re:Invent 2016 - Big Data Specialty

The benefits of AWS certification


Daniel Ives

Daniel Ives

Principal Technologist - AWS

Daniel joined QA in 2006, having previously worked as a developer trainer on the Microsoft stack. He is an Authorized Amazon Instructor and holds all 10 of the current AWS certifications. As a Principal Technologist, Daniel focuses on creating and delivering courses about cloud services, service-oriented architectures, data engineering and enterprise application integration. Daniel also delivers our Google Cloud Platform courses with a focus on Big Data and Data Engineering, and holds 2 GCP certifications (Data Engineering Professional and Architect Professional), as well as being an AII Champion. Other areas of expertise include; C#, .NET and agile development. His areas of interest include all of the above, plus Microsoft Azure, Python, sailing, skiing and cycling, although not necessarily in that order or at the same time.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.