I passed AWS Certified Advanced Networking Specialty Exam In 2020

AWS Certified Advanced Networking Specialty journey

I passed AWS Certified Advanced Networking Specialty Exam In 2020

I’ve just passed exam and happy to share share my resources preparation for AWS Certified Advanced Networking Specialty Exam. I have already written a couple of articles related to AWS certifications, and I can confidently say that this has been the hardest of all. Ever since I started to dig into the computer technologies, networking was one of the most difficult subjects for me, even when I like it so much. As an introduction, I need to highlight that the number of guides that I was able to find to clear this certification with a good level of confidence are scarce. But at the same time, there are tons of helpful resources that did instruct me but did not help me to focus on the specific of this exam. I want to share my experience with you to support the effort. A warning note: If you are planning to take this as your very first AWS exam, it is not a good idea. I recommend you to pass any of the Associate certifications before presenting this exam. I will not write much about the structure of the AWS exams nor about the basics of Networking. If you do not feel comfortable creating, maintaining, securing, and improving VPCs, you will row against the current.


When I started to search for guidance online, I did not find good news. There were just few posts that included some references or guides that could help me. Some good advice came from people that had tried at get the certification a couple of times (one tried 4 times, succeeding in the end). Something remarkable, not to say worrying, is that some of the authors were networking engineers, and still they failed to pass. In other words, do not get too comfortable if have a background in networking but you have not tried the cloud. By the time I presented this exam, I had already cleared 9 AWS certifications, I think this has been the most difficult one, the main reason in my opinion is that one does not deal with the service that appears in the majority of the questions on a daily basis, I am talking about Direct Connect (more about this coming soon). All the previous knowledge acquired to pass other AWS exams was extremely valuable as it helped me to distinguish answers that looked good from the networking perspective, but were incorrect because of the details and capabilities offered by other services included in them, like logging, security, and automation.

I did not started from zero, my professional experience with networking included scenarios where different technologies were involved: IP tables, host files, port and port mapping, OSI model, good knowledge of HTTP packets, subnets, subnet masks, self-signed certificates, basic Active Directory, and simple routing. From a basic level I have worked with DNS, DHCP, ICMP, VPN, TLS, high level Active Directory, iSCSI, and Network interfaces. As a Cloud Engineer I have had the chance to work with all the range of VPC services and manage them from the perspective of automation, security, troubleshot and creation and maintenance of mid-level networking architectures. I started to prepare this exam on February 2020 and presented on July 2020, I did not really dedicate much of my time until May 2020. So I would say that I prepared this exam during 3 months, but I started by reading some of the chapters of the book that made the difference for this exam (yes, to my own surprise, a book).

AWS Advanced Networking Specialty Preparation


I used one main resource, a good old style book (OK, you can get it in a digital form, but that only changes the presentation): The “AWS Certified Advanced Networking Official Study Guide: Specialty Exam”. I would recommend it as the main source of truth for this exam, actually, the fact that it cannot be updated frequently helped me to focus on the topics for the exam.

The next helpful resource was the one that I enjoyed the most: re:Invent videos. They taught me great tips and tricks, and also exposed base architectures, something that you will need to understand for most of the questions of the exam. The only problem with them is that most of them talk about the brand new releases, both in terms of services and updates, but for the exam, this will actually misguide us. Interesting and helpful as these solutions are, a lot of them are not covered by the exam, that’s why a guide created by the group responsible to maintain the exam is better in this case, that’s the advantage of the book mentioned above.

The last resource was the Exam Readiness Course in the AWS Learning platform, I watched it three times, and it was really helpful as a readiness series, it does not go deep enough on the topics, but it works perfectly as check list to recap.

For practice exam, I found awslagi.com website. They have a lot of free and paid resources for practice. I choose the paid version for my practice. The actual questions were helped me a lot of, this help me save a lot of time and have good practice to pass the exam.

Free practice: https://www.awslagi.com/practice-questions/
Paid version: https://awslagi.com/aws-certified-advanced-networking-specialty-exam-questions/

AWS Advanced Networking Specialty Resources


From the AWS Certified Advanced Networking Official Study Guide: Specialty Exam, if you only have a chance to read 3 chapters, read these and in this order:

  • Direct Connect (Chapter 5)

Even with the warning, I recommend you to check re:Invent videos, it is worth to spend some time watching them, taking notes and understanding the concepts. My preferred were:

And you may want to check this great post where a number of designs are exposed with interesting graphics:

The Exam

AWS Advanced Networking Specialty Exam

First, know that the number of requirements appearing in this exam is larger comparing it with other exams, let’s briefly recap the usual qualities that will be presented in the questions. You will be asked to pick the best answer that correspond to one or more of these qualities:

  • Cheapest

The previous type of requirements are usual in the AWS exams, but because of the networking nature, you will be also get questions that requires you to choose answer that accomplish:

  • Consistent bandwidth

Understand the architectures, strategies, and the services that allow you to achieve these goals.

Main Topics

main topics in aws advanced networking specialty exam

Now, an enumeration of the services that you need to know for the exam listed in order of number of appearance and relevance:

VPC Endpoints

I was expecting a lot of questions around this topic, but I barely remember two that included a connection to S3 and Dynamo DB, I would not underestimate it anyway.

  • Know the differences between Gateway Endpoints and Interface Endpoints as well as how to configure them and the requirements in the VPCs.


Among the previously mentioned topics and services, investigate and understand the next concepts:

  • SSL offloading.


The area that it is covered by ELBs goes way beyond the basics of this service, focus on:

  • Differences and advantages of ALB and NLB.


Even if it is not covered as deeply as I was expecting, I got around 5 questions related to the service, they asked about Lambda@Edge, black and whitelisting, and basic functionality.

Hybrid architectures based on VPN

This may sound like an old technology, but it is very import to establish secure connections around the network, I got a huge amount of questions related to it.

  • Advances architectures: Know how to implement Transit architectures, as well as CloudHub, and Hub and Spoke implementations. Know the use cases and where they cannot be used. Know when you can use VPNs and VPC peering.


  • If you know how to apply firewall capabilities, you will answer a couple of questions correctly.


This should have been part of the foundations, but embrace the challenge as you need to consider it at a higher level.

  • You will be required to remember the limits accepted by AWS.

Hybrid architectures based on Direct Connect (DX)

The first two topics mentioned here were just to let you know that this is exam is tough, but as mentioned before, DX appeared in at least 15 questions. Remember, this is a service that you will hardly configure on a daily basis, you need to understand it pretty well, starting from physical connections and ending with the protocols as well as the way to maximize its use. Here a list of the concepts that you need to understand:

  • Redundancy (HA) scenarios.

This exam should have been named: “AWS Certified DX and Networking -Specialty”, do not take the exam if you cannot describe all of the terms and scenarios that have been just indicated.

Route 53

I had direct questions for this service, plus it was used in many questions as a complementary piece.

  • Know about Health Checks and how you can have a secondary site ready to respond to failures.


This exam is similar to others in the way that it will present you questions where 3 or more services take the lead in the question or in the answers, be prepared to find a mix of services in most of them. You should learn to recognize the best practices, protocols, and the services that go together to resolve certain scenarios. As the number of combinations will certainly require dozens of posts, let me tell you that you need to domain the next networking foundations topics:

  • Security Groups: The way they work to block and enable connections, the places where they can be applied, the way to reference them, and the restrictions between regions.

Jumbo Frames

  • Understand what they do, when they will not help you, the limitations, and where to set them up.

Other Topics

I got around fewer questions where the next services and solutions appeared, it is worth to know about them, specially their use cases:

  • DHCP options: How to configure it and why.

Topics that did not appear

  • Transit GW


The exam is one of the toughest without a doubt, you need to be really well prepared. Your knowledge about VPC must be strong in order to save time when choosing the correct question. Study every architecture n where DX is involved and know how to combine the different services and technologies. Again, as it is hard to have the opportunity to implement or manage many of these type of solutions, my best recommendation is that you take a deep look at the chapters in the book that you need to reinforce, watch videos, read posts, check use cases, success stories, take notes and understand every architecture wherever you find them.

Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *