- The ACE-AS exam covers four distinct domains spanning threats, access control, aircraft operations, and security management.
- Understanding the Airport Security Program and credentialing requirements is critical - Domain 2 is content-heavy and operationally detailed.
- Domain 3 covers aircraft operations and screening procedures that require memorization of specific regulatory checkpoints.
- The exam tests scenario-based reasoning, not just recall - knowing how policies apply in real situations matters.
What Is the ACE-AS Certification?
The ACE-AS - Airports Council International's Airport Certified Employee in Airport Security - is a credential designed for airport professionals who work within or alongside airport security operations. It signals that a candidate understands the layered systems, regulatory frameworks, personnel roles, and procedural demands that keep commercial aviation safe.
Unlike generalist certifications in security or emergency management, the ACE-AS is built specifically for the airport environment. That means the content is laser-focused on topics like Transportation Security Administration (TSA) roles, airport access control systems, general aviation vulnerabilities, and the day-to-day mechanics of the Airport Security Program. Candidates who underestimate how airport-specific this exam is tend to find themselves unprepared when scenario-based questions test real operational knowledge.
If you are working toward this credential in 2026, the most important first step is understanding exactly what the exam measures - and that means digging into the four domains that structure the entire test.
Exam Format Overview
The ACE-AS exam is a proctored, multiple-choice test administered through ACI's certification process. The exam is structured around four content domains, each representing a distinct functional area of airport security knowledge. Questions are not grouped by domain during the exam itself - they appear in a mixed format, which means candidates must be fluent across all areas rather than compartmentalizing their knowledge.
Because the specific breakdown of questions per domain is not publicly disclosed in granular form, candidates should treat all four domains as exam-critical. Skipping or skimming any domain is a risk that experienced test-takers consistently warn against.
| Exam Element | What to Know |
|---|---|
| Format | Multiple-choice, proctored |
| Domains Covered | 4 (Threats & Roles, Access Control, Aircraft Operations, Security Management) |
| Question Style | Recall and scenario-based application |
| Question Mixing | Mixed across domains (not grouped by topic) |
| Administered By | Airports Council International (ACI) |
| Renewal Required | Yes - see the ACE-AS Renewal Requirements 2026: Step-by-Step Process |
The Four Exam Domains Explained
The ACE-AS credential is built on four content domains. Each one maps to a real area of airport security practice, and mastering the terminology, regulatory framework, and decision-making logic within each domain is the foundation of exam success.
Domain 1: ASC, Threats to Aviation and the Security System / Roles of Personnel and Agencies
This domain establishes the conceptual and organizational foundation for all aviation security. Candidates must understand the landscape of threats that target civil aviation - from insider threats and unauthorized access to more complex attack vectors - as well as the roles played by federal agencies, airport operators, air carriers, and local law enforcement.
- The Airport Security Coordinator (ASC) role, responsibilities, and authority
- TSA's jurisdiction and its relationship with airport operators
- Inter-agency coordination frameworks and communication protocols
- Categories of aviation threats and how the security system responds to each
- Federal, state, and local law enforcement roles at airports
Domain 2: The Airport Security Program and Access Control; Credentialing, Law Enforcement and General Aviation Security
Domain 2 is arguably the most content-dense area of the exam. The Airport Security Program (ASP) is a federally mandated document that each commercial airport must maintain. Understanding its components, amendment processes, and operational requirements is essential. Access control - who can go where, how that access is granted, and how violations are handled - is equally emphasized. This domain also covers general aviation security, which operates under different regulatory requirements than commercial aviation and presents unique vulnerabilities.
- Structure and required elements of the Airport Security Program
- SIDA (Security Identification Display Area) rules and badge requirements
- Credentialing processes, background checks, and Security Threat Assessments (STAs)
- Escorting rules for unescorted access areas
- General aviation vulnerabilities and applicable security measures
- Law enforcement presence requirements and response protocols
Domain 3: Aircraft Operations and Screening
Domain 3 focuses on the operational side of aviation security - specifically the security measures applied to aircraft, passengers, baggage, and cargo. Candidates must understand checkpoint procedures, the regulatory requirements for screening, and the roles of various personnel in the Aircraft Operations Area (AOA). This domain rewards candidates who understand the "why" behind screening procedures, not just the steps involved.
- Screening requirements for passengers, carry-on, and checked baggage
- Aircraft Operations Area (AOA) access controls and perimeter security
- Air carrier security requirements and coordination with airport operators
- Prohibited items regulations and TSA officer authority
- Cargo and catering security procedures
Domain 4: Security Issues and Management
The final domain shifts toward higher-level thinking: how security programs are managed, evaluated, and improved over time. This includes incident response, security training requirements, vulnerability assessments, and quality control processes. Domain 4 questions often test candidates on how a security manager should respond to emerging situations or how to evaluate the effectiveness of an existing security measure.
- Security training requirements for airport personnel
- Incident reporting, response procedures, and coordination
- Airport security vulnerability assessments
- Quality control programs and auditing processes
- Emergency planning and contingency operations
Question Types You Will Encounter
The ACE-AS exam uses multiple-choice questions, but not all of them are created equal. Candidates encounter at least two distinct styles of questioning, and preparing for both is essential.
Direct Recall Questions
These questions test whether you know a specific fact, definition, or regulatory requirement. For example, a question might ask what the primary responsibility of the Airport Security Coordinator is, or what a SIDA badge authorizes. These questions reward thorough study of the core regulatory frameworks and terminology covered in Domains 1 and 2.
Scenario-Based Application Questions
Scenario questions present a situation - often a security incident, a policy decision, or an access control dilemma - and ask what action should be taken, or which response best aligns with the Airport Security Program. These questions test whether you can apply your knowledge in context, not just recite it. Domain 3 and Domain 4 tend to generate more scenario-based questions because they deal with operational and management decision-making.
The best way to get comfortable with both question types is through targeted practice. The ACE-AS practice tests available here are structured around the actual exam domains and include both recall and scenario-style questions to simulate the real test experience.
Time Limits and Pacing Strategy
The ACE-AS exam has a defined time limit for completion, and pacing is a real factor for many candidates. Because questions are mixed across domains, you cannot plan to "save" a domain for the end - you need to be ready to shift mental gears throughout the exam.
Effective pacing on exam day comes down to preparation depth. Candidates who have studied all four domains thoroughly tend to move through questions with confidence. Those who have gaps in one or two domains often find themselves slowing down precisely when the pressure is highest.
A few pacing principles that apply directly to the ACE-AS format:
- Flag and return: If a scenario question is taking too long, mark it and come back. Don't let one complex question derail your rhythm.
- Trust your Domain 2 prep: The Airport Security Program content in Domain 2 is detailed enough that underprepared candidates visibly struggle mid-exam. Give this domain its full share of study time.
- Read every option: ACE-AS scenario questions often include a "best" answer among several plausible ones. Reading all choices before selecting is critical, especially for Domain 4 management questions.
For a full walkthrough of what the ACE-AS Exam Format 2026 looks like from registration to completion, this article covers the end-to-end process in detail.
High-Priority Topics by Domain
While every domain carries weight, certain topic clusters appear with higher frequency and complexity in the ACE-AS exam content framework. The following breakdown reflects the regulatory and operational emphasis of each domain:
Domain 1 Priorities
- The specific duties and authority of the Airport Security Coordinator versus other roles
- How TSA oversight intersects with airport operator responsibility
- The layered security system concept and how agencies contribute at each layer
Domain 2 Priorities
- What must be included in an Airport Security Program and how amendments are processed
- SIDA rules, including what activities trigger a badge requirement
- The Security Threat Assessment process and who it applies to
- Differences between general aviation security requirements and commercial airport requirements
Domain 3 Priorities
- Screening checkpoint procedures and what triggers secondary screening
- The regulatory boundary between TSA authority and airline responsibility
- AOA access control mechanisms and how perimeter breaches are handled
Domain 4 Priorities
- Training requirements for various airport employee categories
- How vulnerability assessments are structured and what they must address
- Incident reporting chains and coordination with law enforcement
Key Takeaway
Domain 2 - covering the Airport Security Program, access control, and credentialing - consistently represents some of the most detailed and testable content on the ACE-AS exam. Allocate disproportionate study time here early in your prep cycle.
A Structured Prep Approach Tied to Each Domain
Generic study advice doesn't serve ACE-AS candidates well. What does help is a domain-anchored schedule that reflects the actual complexity and volume of each content area. The following four-week framework is designed specifically around the ACE-AS domain structure:
Domain 1 - Threats, Roles, and the Security System
- Study the ASC role in detail: authority, responsibilities, reporting lines
- Map out the federal agencies involved in aviation security and their specific functions
- Review threat categories and how the layered security model addresses each
- Begin using practice questions to test terminology retention
Domain 2 - Airport Security Program, Access Control, Credentialing
- Read through the structure of a model Airport Security Program
- Memorize SIDA rules, escort requirements, and badge categories
- Study the STA process and who is subject to it
- Review general aviation security rules and how they differ from commercial requirements
Domain 3 - Aircraft Operations and Screening
- Study screening checkpoint procedures and the regulatory basis for each step
- Review AOA access rules and perimeter security requirements
- Practice scenario questions involving screening decisions and access control incidents
- Focus on cargo and catering security - often underestimated in prep
Domain 4 - Security Management and Full Review
- Study training requirements for each employee category at commercial airports
- Review vulnerability assessment frameworks and quality control audit processes
- Complete full-length mixed-domain practice tests to simulate exam conditions
- Return to domain-specific practice tests to close remaining gaps
Who Hires ACE-AS Certified Professionals?
The ACE-AS credential holds value across a range of employers in the aviation and security sectors. Understanding who recognizes and values this certification helps candidates contextualize their investment in preparation.
Commercial airport operators are the primary employers for ACE-AS certified professionals. Security coordinators, compliance managers, and operations supervisors at Class B and Class C airports frequently hold or are expected to pursue this credential. The certification demonstrates that a candidate can navigate the Airport Security Program, coordinate with TSA, and manage security incidents according to federal requirements.
Aviation security contractors - companies that provide security personnel, screening services, or consulting to airports - also value ACE-AS certification. For these firms, credentialed staff can be assigned to more complex projects and are often required on federally regulated airport contracts.
Airlines and ground handling companies operating in security-sensitive areas benefit from ACE-AS knowledge at the supervisory level. Understanding SIDA requirements, AOA access rules, and screening regulations is directly applicable to daily operations.
General aviation facilities, including Fixed Base Operators (FBOs) and private aviation terminals, increasingly seek staff with ACE-AS knowledge as general aviation security requirements evolve.
If you're also planning for recertification, the ACE-AS Renewal Requirements 2026: Step-by-Step Process provides a complete guide to maintaining your credential after you earn it.
Frequently Asked Questions
The ACE-AS exam covers four domains: Threats to Aviation and Roles of Personnel and Agencies (Domain 1); the Airport Security Program, Access Control, Credentialing, Law Enforcement, and General Aviation Security (Domain 2); Aircraft Operations and Screening (Domain 3); and Security Issues and Management (Domain 4). All four domains are tested in a mixed-question format.
Both. The exam includes direct recall questions that test knowledge of specific regulations, roles, and procedures, as well as scenario-based questions that require candidates to apply their knowledge to real-world situations. Domains 3 and 4 tend to be heavier on scenario-style questions.
Domain 1 provides the conceptual foundation for the entire exam - understanding the security system, threat landscape, and roles of key personnel makes all other domains easier to absorb. However, Domain 2 is the most content-dense and should receive the largest block of study time overall.
Domain-specific practice questions are the most effective preparation tool. Working through questions organized by each ACE-AS domain helps identify knowledge gaps before exam day. A free ACE-AS practice test is available to help you benchmark your readiness across all four domains.
Yes, the ACE-AS credential requires renewal. The process involves meeting continuing education or professional development requirements established by ACI. For a full breakdown of the renewal steps, see the ACE-AS Renewal Requirements 2026: Step-by-Step Process.
Ready to Start Practicing?
The ACE-AS exam rewards candidates who practice with domain-specific questions that mirror the real test format. Our free practice tests are built around the four ACE-AS domains - covering threats and roles, access control, aircraft operations, and security management - so you can identify gaps and study smarter before exam day.
Start Free Practice Test