AWS Certification
AWS Certified Security – Speciality
The AWS Security certification validates an individual’s ability to create and implement security solutions in the AWS Cloud. This certification also validates the understanding of specialized data classifications, AWS Data protection mechanisms, data encryption methods, secure internet protocols and AWS mechanisms to implement all of these
AWS Certified Security – Specialty is intended for experienced individuals who have around five years of IT security experience in designing and implementing security solutions along with two or more years of hands-on experience in securing AWS workloads. This certification complements the skills and expertise required for multiple job roles across cloud architecture, database, networking, and DevSecOps.
Who should take this exam?
The target candidate should have the equivalent of 3–5 years of experience in designing and implementing security solutions. Additionally, the target candidate should have a minimum of 2 years of hands-on experience in securing AWS workloads.
Recommended AWS knowledge
The target candidate should have the following knowledge:
- The AWS shared responsibility model and its application
- General knowledge of AWS services and deploying cloud solutions
- Security controls for AWS environments and workloads
- Logging and monitoring strategies
- Vulnerability management and security automation
- Ways to integrate AWS security services with third-party tools
- Disaster recovery controls, including backup strategies
- Cryptography and key management
- Identity access management
- Data retention and lifecycle management
- How to troubleshoot security issues
- Multi-account governance and organizational compliance
- Threat detection and incident response strategies
Exam Overview
Level: Speciality
Length: 170 minutes to complete the exam
Cost: 300 USD
Format: 65 questions; either multiple choice or multiple response
Exam Content
Response types
There are two types of questions on the exam:
- Multiple choice: Has one correct response and three incorrect responses (distractors)
- Multiple response: Has two or more correct responses out of five or more
response options
Select one or more responses that best complete the statement or answer the question. Distractors, or incorrect answers, are response options that a candidate with incomplete knowledge or skill might choose. Distractors are generally plausible responses that match the content area.
Unanswered questions are scored as incorrect; there is no penalty for guessing. The exam includes 50 questions that affect your score.
Content outline
This exam guide includes weightings, content domains, and task statements for the exam. This guide does not provide a comprehensive list of the content on the exam. However, additional context for each task statement is available to help you prepare for the exam.
The exam has the following content domains and weightings:
- Domain 1: Threat Detection and Incident Response (14% of scored content)
- Domain 2: Security Logging and Monitoring (18% of scored content)
- Domain 3: Infrastructure Security (20% of scored content)
- Domain 4: Identity and Access Management (16% of scored content)
- Domain 5: Data Protection (18% of scored content)
- Domain 6: Management and Security Governance (14% of scored content)
Prepare for the exam
Below are recommended steps you can follow to get ready for exam day. Note: AWS does not require you to take any specific AWS training as part of your exam prep.
Classroom Training
Learn the official AWS Course deliver by an Amazon Authorised Instructor.
Go to Page>
Exam Readiness
Learn about navigating the logistics of the examination process, the exam structure.
Learn More>
Exam Guide
Download the Exam Guiide>
Practice Questionnaire
Attempt exam questions built by experts to assess your preparation for the certification exam.
Go to page>
FAQs
AWS Certified Security – Specialty is intended for experienced individuals who have five years of IT security experience in designing and implementing security solutions and two or more years of hands-on experience in securing AWS workloads. This certification complements the skills and expertise required for multiple job roles across cloud architecture, database, networking, and DevSecOps.
This certification can build your credibility and position you as a trusted advisor to your stakeholders and customers. As an AWS Certified Security – Specialty certification holder, you can bring best practices and security solutions that meet organizations’ and customers’ unique needs. Job listings requiring this certification have increased 73% (Oct 2021 – Sept 2022) per Lightcast™ October 2022.
You are not required to earn any specific certifications prior to preparing for this certification. However, candidates commonly earn the AWS Certified Solutions Architect – Associate and/or AWS Certified Solutions Architect – Professional before attempting the AWS Certified Security – Specialty exam.
The AWS Certified DevOps Engineer – Professional and the AWS Certified Advanced Networking – Specialty are additional certifications that other cloud professionals have earned to advance further in roles like Networking Engineer or DevSecOps Engineer.
Visit Exam pricing for additional cost information.
Got questions regarding the AWS Cloud Practitioner Certification?
