Most of the questions pertain to S3, EBS, EC2, VPC, RDS and NAT instances. There were also a couple of questions regarding RDS, Route53 and Kinesis. I have to say that my version of the exam covered more topics than what others have posted. This was my first attempt and I've only been working with AWS for 2 months. Here are the areas on which to focus:
S3: Know ins and outs of S3 storage tiers, bucket policies/ACLs, backups, encryption, glacier, availability and durability 9's for each tier, etc.
EBS: Know the different EBS types, instance-backed vs EBS-backed, snapshots, copying EBS to different AZs, encryption, etc.
EC2: Know instance types, purchase options, what attributes and options can be changed to an instance while running or stopped, autoscaling groups, ELB and cross-zone, placement groups
VPC: Know VPC internet gateways, security groups, network ACLs, route tables, private and public subnets, defaults for allowed or denied traffic across the VPC stack, IP addressing, etc.
NAT Instances: Know how to configure them and to troubleshoot them when they aren't working.
I'm sure some might disagree with this, but the BEST advice I can give you to ensure you're fully prepared and past the FIRST time is to go through both Linux Academy's and A Cloud Guru's CSA Associate courses. While it might seem like overkill or redundant, they actually compliment each other and fill in the gaps of each respective course. Guru's course is really focused on preparing you to pass the exam and is light in some area in regards to hands on experience with certain services and scenarios. Linux Academy goes wide and deep on most of the services and provides a lot of hands-on so that you can actually do the work on the job. Ensure you do the labs on both at least twice, read everything and memorize it (screen capture the slides if you have to), read the AWS Security Guide, and do the practice questions from both courses until you consistently get 90%+.