How I Passed the AWS Certified Security - Specialty exam (SCS-C02) - on first attempt

How I Passed the AWS Certified Security - Specialty exam (SCS-C02) the first time

Last year, my professional life was filled with a whirlwind of back-to-back activities and great achievements. Between graduating with a master's degree in cybersecurity from Georgia Tech, releasing my third children’s book on Cybersecurity careers, creating a LinkedIn Learning course, preparing for my first TEDx talk, traveling overseas for speaking opportunities, etc.  Super grateful for all of them.

I had to postpone several goals—one of which was taking the AWS Certified Security - Specialty exam (SCS-C02). Now, having passed it, on the first attempt, I want to share my experience and insights that might help you on your certification journey. I also didn’t find much information online as I would for other certs.

The exam had recently been updated from its previous version (SCS-C01) and now includes one more domain, which is the 6th domain on Management & Security Governance. The weightage changed a bit from the prior version. 

The domains covered include:

1. Threat Detection & Incident Response (14% of scored content)

2. Security Logging & Monitoring  (18% of scored content

3. Infrastructure Security (20% of scored content)

4. Identity and Access Management (16% of scored content)

5. Data Protection (18% of scored content)

6. Management and Security Governance (14% of scored content) 

The Exam is a Speciality level on the AWS certification path. It is a 180-minute long exam with 65 questions; either multiple choice or multiple responses ( 2 or 3 responses).

It costs 300 USD - I was fortunate to be the recipient of the 2023 AWS re: Invent conference ABW grant so as part of that, I had a free voucher for 1 AWS certification therefore I didn’t pay anything.

I took the test at a nearby Pearson Vue center because I just didn’t want to deal with online proctored exam hassle. I had a bad experience when I took the Solutions Architect exam in 2022 (the exam closed on me 4 times during the exam and yet I passed - I did a whole post about it on LinkedIn in 2022.

My Experience with AWS

I earned the AWS Certified Cloud Practitioner in 2020 and the AWS Certified Solutions Architect in 2022. I also have 2 years of work experience as a cloud security Engineer at a Fortune 500 org. 

As with any of my certification journeys, I first start to look at blogs and videos by individuals who took the course to hear from their experience and what materials they used.

I pick common resources mentioned to start my preparation. Speaking of which, I prepared for this exam for 3-4 months studying after work and on weekends. I rescheduled my exam twice because I didn’t feel like I had enough time to prepare and be occupied with other commitments.

Here are a few resources that I used

• Stéphane Maarek’s courses on Udemy - Ultimate AWS Certified Security Specialty [NEW 2024] SCS-C02. His detailed explanations with small bite-sized explanations make it easier to digest concepts.

• Tutorials Dojo AWS Certified Security Specialty Practice Exams SCS-C02 2024 -The practice exam is a great practice question to get a feel of the actual exam environment and learn the rigor of the questions. I personally had to do quick retrieval when I studied to avoid getting bored with videos. I utilized per-domain question practice well as I went along.

  If you have an employer subscription

• A Cloud Guru - This platform offers course, lab and practice questions. I only utilized the 7-day free trial.

• AWS Skill Build - I liked the practice questions (Exam Prep Official Practice Exam) from Plus it's from AWS but it's not the same rigor as Tutorials dojo.

• AWS Whitepapers & Guides - Didn’t get a chance to read these fully other than just to refer to some concepts but I recommend it.

I must say the 2 years of experience working in the AWS environment gave me a perspective to see things in a multi-account environment vs doing some labs with 1 or 2 accounts. However, if you have prior AWS certs like I did and do some Free AWS well-architected labs you should be good to cement the concepts from a practical standpoint.

There are fewer services discussed compared to solutions architect but a much deeper understanding of security services such as IAM, KMS, Cloud Watch for logging, AWS org, etc. 

On the exam, you will find some of the questions paragraph long, but don’t be intimidated just keep reading the questions carefully and with patience to get out the ask and keywords from the fluff. Those questions used to discourage me at first but I trained myself well with the practice questions not to quit in the actual exam. The Tutorials Dojo questions are great for this.

Another thing is you will find similar-looking answer choices. In such instances go back and read to find keywords such as security solutions with the most ‘cost efficient’, ‘most secure’ or ‘less overheard’ etc solutions.

One example to highlight what I mean is sometimes the answer will make sense for the scenario to choose both a Parameter Store as well as a secret manager …however if the question is asking for a solution in a cost-efficient manner we choose a Parameter Store instead of a secret manager. If the question says most secure then we might go for a secret manager instead of Parameter store and so on.

Typically, I finish exams with time to spare, but not this one. I used every minute available, leaving only 5 minutes to review answered flagged questions which I used to review around 14 questions. So use your time wisely and consciously.  It was the longest AWS exam I've taken, well I took a 4-hour exam in 2019,  the CISA exam from ISACA while I was in the third trimester of my pregnancy!

As you step into a new month and continue to pursue your goals, remember that learning and certification, especially in fields like cybersecurity, are marathons, not sprints. Whatever goals you have, whether they seem daunting or you're struggling to find the motivation, keep pushing.

Keep learning, keep growing, and see you at the top!

For more information check out the AWS Certified Security - Specialty (SCS-C02) Exam Guide

If you have questions DM me on Linkedin I will try my best to answer them. 

AWS Certified Security – Specialty was issued by Amazon Web Services Training and Certification to Zinet Kemal.

Thank you for reading!

Check out my

• Children’s Books -  See Yourself in Cybersecurity & Oh, No … Hacked Again! 

• TEDx talk - Hack-Proofing Childhood: Ensuring our children's online safety.

• LinkedIn Learning course - Build Your Brand in Cybersecurity

• Learn more about me & my career as well as other blog posts 

Connect with me on Linkedin.