This comprehensive guide provides a detailed overview of the AWS Certified Cloud Practitioner (CLF-C02) exam, designed for individuals seeking to demonstrate their understanding of the AWS Cloud. The exam evaluates a candidate's ability to grasp the value of the AWS Cloud, understand the shared responsibility model, security best practices, and billing practices. It also covers key AWS services across compute, network, database, and storage, enabling candidates to identify appropriate services for various use cases.
The target audience for this certification includes individuals with up to 6 months of experience in AWS Cloud design, implementation, or operations. It is particularly beneficial for candidates from non-IT backgrounds who are either starting their AWS Cloud career or working alongside individuals in AWS Cloud roles.
To excel in the AWS Certified Cloud Practitioner exam, candidates should possess knowledge in these key areas:
The CLF-C02 exam consists of two types of questions:
The exam comprises 50 scored questions and 15 unscored questions, which are used for future exam development. The minimum passing score is 700 on a scale of 100-1000.
The AWS Certified Cloud Practitioner (CLF-C02) exam has a pass or fail designation. Your exam score is presented as a scaled score ranging from 100 to 1000, with a minimum passing score of 700. This scaled scoring model ensures fairness across different exam forms with varying difficulty levels. While the score report provides an overall score, it may also include a breakdown of your performance in each section. The exam employs a compensatory scoring model, meaning you don't need to achieve a passing score in every section; you only need to pass the exam overall.
The CLF-C02 exam is divided into four content domains with corresponding weightings:
Domain | Weighting |
---|---|
Domain 1: Cloud Concepts | 24% |
Domain 2: Security and Compliance | 30% |
Domain 3: Cloud Technology and Services | 34% |
Domain 4: Billing, Pricing, and Support | 12% |
This domain focuses on understanding the value proposition of the AWS Cloud and its design principles.
Candidates should understand the value proposition of the AWS Cloud, encompassing aspects like cost savings, benefits of global infrastructure, and advantages of high availability, elasticity, and agility.
Candidates should be familiar with the AWS Well-Architected Framework and its pillars, including operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. They should also be able to differentiate between these pillars.
Candidates should understand cloud adoption strategies and resources supporting the cloud migration journey. They should also be familiar with the AWS Cloud Adoption Framework (AWS CAF) and its benefits, including reduced business risk, improved environmental, social, and governance (ESG) performance, increased revenue, and enhanced operational efficiency. Candidates should be able to identify appropriate migration strategies, such as database replication and the use of AWS Snowball.
Candidates should understand the concept of rightsizing and the benefits of automation, including provisioning and configuration management with AWS CloudFormation. They should also recognize managed AWS services, such as Amazon RDS, Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS), and Amazon DynamoDB.
This domain delves into the AWS shared responsibility model, AWS Cloud security, governance, and compliance concepts, and access management capabilities.
Candidates should recognize the components of the AWS shared responsibility model and be able to describe the responsibilities of both the customer and AWS. They should understand how responsibilities can shift depending on the AWS service used, such as Amazon RDS, AWS Lambda, and Amazon EC2.
Candidates should identify where to find AWS compliance information (e.g., AWS Artifact), understand compliance needs among geographic locations or industries, and describe how customers secure resources on AWS (e.g., Amazon Inspector, AWS Security Hub, Amazon GuardDuty, AWS Shield). They should also be familiar with different encryption options, such as encryption in transit and encryption at rest, and recognize services that aid in governance and compliance, such as monitoring with Amazon CloudWatch, auditing with AWS CloudTrail, AWS Audit Manager, and AWS Config, and reporting with access reports.
Candidates should understand identity and access management (IAM) concepts, including the importance of protecting the AWS root user account, the principle of least privilege, and AWS IAM Identity Center (AWS Single Sign-On). They should also be able to identify authentication methods in AWS (e.g., multi-factor authentication [MFA], IAM Identity Center, cross-account IAM roles), define groups, users, custom policies, and managed policies in compliance with the principle of least privilege, and understand which methods can achieve root user protection.
Candidates should be familiar with security capabilities provided by AWS and security-related documentation. They should be able to describe AWS security features and services (e.g., security groups, network ACLs, AWS WAF), understand the availability of third-party security products from AWS Marketplace, and identify where AWS security information is available (e.g., AWS Knowledge Center, AWS Security Center, AWS Security Blog). They should also understand the use of AWS services for identifying security issues, such as AWS Trusted Advisor.
This domain covers various aspects of deploying and operating in the AWS Cloud, including the AWS global infrastructure, compute, database, network, storage, and other key services.
Candidates should understand different ways to provision and operate in the AWS Cloud, including programmatic access (e.g., APIs, SDKs, CLI), the AWS Management Console, and infrastructure as code (IaC). They should be able to evaluate requirements to determine whether to use one-time operations or repeatable processes, identify different deployment models (e.g., cloud, hybrid, on-premises), and identify connectivity options (e.g., AWS VPN, AWS Direct Connect, public internet).
Candidates should be familiar with AWS Regions, Availability Zones, and edge locations. They should understand how to achieve high availability by using multiple Availability Zones, recognize that Availability Zones do not share single points of failure, and describe when to use multiple Regions (e.g., disaster recovery, business continuity, low latency for end users, data sovereignty). They should also be able to describe the benefits of edge locations (e.g., Amazon CloudFront, AWS Global Accelerator).
Candidates should recognize the appropriate use of different EC2 instance types (e.g., compute optimized, storage optimized), different container options (e.g., Amazon ECS, Amazon EKS), and serverless compute options (e.g., AWS Fargate, Lambda). They should understand that auto scaling provides elasticity and identify the purposes of load balancers.
Candidates should be able to decide between EC2 hosted databases and AWS managed databases, identify relational databases (e.g., Amazon RDS, Amazon Aurora), NoSQL databases (e.g., DynamoDB), memory-based databases, and database migration tools (e.g., AWS Database Migration Service [AWS DMS], AWS Schema Conversion Tool [AWS SCT]).
Candidates should understand the components of a VPC (e.g., subnets, gateways), security in a VPC (e.g., network ACLs, security groups), the purpose of Amazon Route 53, edge services (e.g., CloudFront, Global Accelerator), and network connectivity options to AWS (e.g., AWS VPN, Direct Connect).
Candidates should be able to identify the uses for object storage, recognize the differences in Amazon S3 storage classes, identify block storage solutions (e.g., Amazon Elastic Block Store [Amazon EBS], instance store), file services (e.g., Amazon Elastic File System [Amazon EFS], Amazon FSx), and cached file systems (e.g., AWS Storage Gateway). They should also understand use cases for lifecycle policies and AWS Backup.
Candidates should be familiar with AWS AI/ML services and their tasks (e.g., Amazon SageMaker, Amazon Lex, Amazon Kendra) and understand the services for data analytics (e.g., Amazon Athena, Amazon Kinesis, AWS Glue, Amazon QuickSight).
Candidates should understand services from various AWS categories, including application integration services (Amazon EventBridge, Amazon Simple Notification Service [Amazon SNS], and Amazon Simple Queue Service [Amazon SQS]), business application services (Amazon Connect and Amazon Simple Email Service [Amazon SES]), customer engagement services (AWS Activate for Startups, AWS IQ, AWS Managed Services [AMS], and AWS Support), developer tool services and capabilities (AWS AppConfig, AWS Cloud9, AWS CloudShell, AWS CodeArtifact, AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, AWS CodePipeline, AWS CodeStar, and AWS X-Ray), end-user computing services (Amazon AppStream 2.0, Amazon WorkSpaces, and Amazon WorkSpaces Web), frontend web and mobile services (AWS Amplify and AWS AppSync), and IoT services (AWS IoT Core and AWS IoT Greengrass).
This domain focuses on understanding AWS pricing models, resources for billing, budget, and cost management, and AWS technical resources and support options.
Candidates should be able to identify and compare different compute purchasing options (e.g., On-Demand Instances, Reserved Instances, Spot Instances, Savings Plans, Dedicated Hosts, Dedicated Instances, Capacity Reservations), understand data transfer charges, and understand pricing options for various storage options and tiers.
Candidates should understand the appropriate uses and capabilities of AWS Budgets, AWS Cost Explorer, and AWS Billing Conductor. They should also be familiar with AWS Pricing Calculator, AWS Organizations consolidated billing and cost allocation, various types of cost allocation tags and their relation to billing reports (e.g., AWS Cost and Usage Report).
Candidates should be able to locate AWS whitepapers, blogs, and documentation on official AWS websites, identify and locate AWS technical resources (e.g., AWS Prescriptive Guidance, AWS Knowledge Center, AWS re:Post), and identify AWS Support options for AWS customers (e.g., customer service and communities, AWS Developer Support, AWS Business Support, AWS Enterprise On-Ramp Support, AWS Enterprise Support). They should also understand the role of Trusted Advisor, AWS Health Dashboard, and the AWS Health API to help manage and monitor environments for cost optimization and the role of the AWS Trust and Safety team to report abuse of AWS resources.
This appendix outlines technologies and concepts that might appear on the exam. It's important to note that this list is non-exhaustive and may change. It includes a variety of topics, such as APIs, AWS Cloud Adoption Framework (AWS CAF), AWS Compliance, AWS global infrastructure, infrastructure as code (IaC), AWS Knowledge Center, machine learning, management and governance, migration and data transfer, AWS Partner Network, AWS Prescriptive Guidance, AWS Pricing Calculator, AWS Professional Services, AWS re:Post, AWS SDKs, security, AWS Security Blog, AWS Security Center, AWS shared responsibility model, AWS Solutions Architects, and storage.
This appendix compares the content of the previous version (CLF-C01) and the current version (CLF-C02) of the AWS Certified Cloud Practitioner exam. It provides a breakdown of the content domains and their respective weightings in both versions, highlighting any additions, deletions, or recategorizations of content.
The main addition in CLF-C02 is a new task statement (Task Statement 1.3) that focuses on understanding the benefits of and strategies for migration to the AWS Cloud. This task statement incorporates the AWS Cloud Adoption Framework (AWS CAF) and its benefits. No content was deleted from the exam, and content from several task statements in CLF-C01 has been recategorized into one or more of the tasks in CLF-C02.
C01 Domain | Percent of Scored Questions | C02 Domain | Percent of Scored Questions |
---|---|---|---|
1: Cloud Concepts | 26% | 1: Cloud Concepts | 24% |
2: Security and Compliance | 25% | 2: Security and Compliance | 30% |
3: Technology | 33% | 3: Cloud Technology and Services | 34% |
4: Billing and Pricing | 16% | 4: Billing, Pricing, and Support | 12% |
This guide provides a comprehensive overview of the AWS Certified Cloud Practitioner (CLF-C02) exam, equipping you with the necessary knowledge and skills to succeed in your cloud computing journey. By understanding the exam structure, content domains, and key task statements, you can effectively prepare for this valuable AWS certification.
Ask anything...