I recently passed The SecOps Group CCSP-AWS certification, and I'm excited to share my insights and review of it. The Certified Cloud Security Practitioner (CCSP-AWS) is an entry-level exam specifically designed to test and validate a candidate’s knowledge on the core concepts of AWS cloud security. This certification is intended for a broad audience, including security engineers, security analysts, solution architects, cloud solution developers, threat analysts, penetration testers, red and blue team members, and any security enthusiast with strong existing knowledge in cloud security. I chose to pursue this certification for personal interest in cloud security, and it represents a significant step in my broader cybersecurity journey.

How I Prepared

My preparation for the CCSP-AWS exam involved a combination of structured learning through an online course and extensive practical application. Key resources I utilized during my study included the Stephane Maarek's AWS Certified Cloud Practitioner Udemy Course. Hands-on labs and practical experience were invaluable and I gained this by deploying and using various AWS services. In terms of time commitment, I finished the Udemy course in 2 weeks, and for the hands-on experience, I've been using AWS since mid-2024.

What the Exam Is Like

The CCSP-AWS exam consists of Multiple Choice Questions (MCQs) and has a duration of 1 hour. It is conveniently taken online and is available on-demand, making it accessible from anywhere. The cost for the exam is £100, and it is a proctored examination.

The exam syllabus covers a comprehensive range of content areas, including:

• Authentication, Authorization and Access Control Focusing on AWS Identity and Access Management (IAM), AWS Cognito, and AWS Service Control Policies (SCPs).

• Data Security Covering AWS Key Management Service (KMS), AWS Secrets Manager, and AWS Certificate Manager.

• Compliance and Governance With topics on AWS Config and AWS Organizations.

• Infrastructure Security Delving into AWS Virtual Private Cloud (VPC), AWS Security Groups, and AWS Network ACLs.

• Monitoring and Incident Response Highlighting AWS CloudWatch, AWS CloudTrail, AWS Detective, and AWS GuardDuty.

• Common Security Issues Related to AWS Services Including those pertinent to AWS Elastic Container Services (ECS), AWS Elastic Kubernetes Services (EKS), AWS Elastic Compute Services (EC2), AWS Simple Storage Services (S3), and AWS Lambda Functions.

• Common Application Security Attacks on AWS Cloud Such as Broken Access Control, Server Side Request Forgery (SSRF), SQL Injection, Code Injection, and general Best Security Practices.

The questions themselves are a mix of factual knowledge and scenario-based challenges, requiring both recall and practical application. There are a few trick questions that need careful reading, and the Udemy course helped a lot on theories, although hands-on experience plays a role too, since the security stuff is not deeply discussed in the Udemy course. To successfully pass the exam, candidates must score over 60% marks, while a score over 75% earns a "pass with merit" status.

My Strategy

During the exam, my primary strategy revolved around effective time management, ensuring I paced myself appropriately through all the questions. I speed ran through the 60 questions, marking any questions that I'm not sure to come back later. A crucial aspect was careful question interpretation, I emphasized reading each question thoroughly to identify keywords and truly understand what was being asked. For challenging questions, I relied on the process of elimination to narrow down the choices.

Best Resources and Tips

For anyone interested in getting the certification, I highly recommend the following top study materials to maximize your chances of success. First and foremost, Stephane Maarek’s AWS Certified Cloud Practitioner course on Udemy is a fantastic starting point as it breaks down core AWS services and concepts in an easy-to-understand format. Pair this with the AWS Security Documentation, which provide official, in-depth insights into real-world best practices. Make a study schedule, review consistently, and focus on truly understanding the concepts rather than just memorizing facts. On exam day, ensure you get good rest beforehand. Create a quiet environment for the proctored exam, double-check your internet connection, and remember to read all instructions carefully before starting.

Final Thoughts

Overall, I believe the CCSP-AWS certification offers pretty good value. The certificate demonstrates a candidate's understanding of AWS Cloud Security, which might help in career advancement. I would recommend this certification to cloud security enthusiasts, though get it only if you get a steep discount like I did. Otherwise, I would say it's better to take the AWS Certified Cloud Practitioner certification instead