Summary of AWS Certified Cloud Practitioner (CLF-C02) Exam Guide Summary

  • d1.awsstatic.com
  • PDF
  • Summarized Content

    Introduction to AWS Certified Cloud Practitioner (CLF-C02) Exam

    This comprehensive guide provides a detailed overview of the AWS Certified Cloud Practitioner (CLF-C02) exam, designed for individuals seeking to demonstrate their understanding of the AWS Cloud. The exam evaluates a candidate's ability to grasp the value of the AWS Cloud, understand the shared responsibility model, security best practices, and billing practices. It also covers key AWS services across compute, network, database, and storage, enabling candidates to identify appropriate services for various use cases.

    Target Audience for the AWS Exam

    The target audience for this certification includes individuals with up to 6 months of experience in AWS Cloud design, implementation, or operations. It is particularly beneficial for candidates from non-IT backgrounds who are either starting their AWS Cloud career or working alongside individuals in AWS Cloud roles.

    • Individuals with up to 6 months of AWS Cloud experience.
    • Candidates from non-IT backgrounds pursuing an AWS Cloud career.
    • Professionals working with people in AWS Cloud roles.

    Recommended AWS Knowledge Areas

    To excel in the AWS Certified Cloud Practitioner exam, candidates should possess knowledge in these key areas:

    • AWS Cloud concepts
    • Security and compliance in the AWS Cloud
    • Core AWS services
    • Economics of the AWS Cloud

    AWS Exam Content and Structure

    The CLF-C02 exam consists of two types of questions:

    • Multiple choice: One correct response and three distractors.
    • Multiple response: Two or more correct responses out of five or more options.

    The exam comprises 50 scored questions and 15 unscored questions, which are used for future exam development. The minimum passing score is 700 on a scale of 100-1000.

    Exam Results and Scoring Model

    The AWS Certified Cloud Practitioner (CLF-C02) exam has a pass or fail designation. Your exam score is presented as a scaled score ranging from 100 to 1000, with a minimum passing score of 700. This scaled scoring model ensures fairness across different exam forms with varying difficulty levels. While the score report provides an overall score, it may also include a breakdown of your performance in each section. The exam employs a compensatory scoring model, meaning you don't need to achieve a passing score in every section; you only need to pass the exam overall.

    Content Outline: AWS Exam Domains

    The CLF-C02 exam is divided into four content domains with corresponding weightings:

    Domain Weighting
    Domain 1: Cloud Concepts 24%
    Domain 2: Security and Compliance 30%
    Domain 3: Cloud Technology and Services 34%
    Domain 4: Billing, Pricing, and Support 12%

    Domain 1: Cloud Concepts

    This domain focuses on understanding the value proposition of the AWS Cloud and its design principles.

    Task Statement 1.1: Define the Benefits of the AWS Cloud

    Candidates should understand the value proposition of the AWS Cloud, encompassing aspects like cost savings, benefits of global infrastructure, and advantages of high availability, elasticity, and agility.

    Task Statement 1.2: Identify Design Principles of the AWS Cloud

    Candidates should be familiar with the AWS Well-Architected Framework and its pillars, including operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. They should also be able to differentiate between these pillars.

    Task Statement 1.3: Understand the Benefits of and Strategies for Migration to the AWS Cloud

    Candidates should understand cloud adoption strategies and resources supporting the cloud migration journey. They should also be familiar with the AWS Cloud Adoption Framework (AWS CAF) and its benefits, including reduced business risk, improved environmental, social, and governance (ESG) performance, increased revenue, and enhanced operational efficiency. Candidates should be able to identify appropriate migration strategies, such as database replication and the use of AWS Snowball.

    Task Statement 1.4: Understand Concepts of Cloud Economics

    Candidates should understand the concept of rightsizing and the benefits of automation, including provisioning and configuration management with AWS CloudFormation. They should also recognize managed AWS services, such as Amazon RDS, Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS), and Amazon DynamoDB.

    Domain 2: Security and Compliance

    This domain delves into the AWS shared responsibility model, AWS Cloud security, governance, and compliance concepts, and access management capabilities.

    Task Statement 2.1: Understand the AWS Shared Responsibility Model

    Candidates should recognize the components of the AWS shared responsibility model and be able to describe the responsibilities of both the customer and AWS. They should understand how responsibilities can shift depending on the AWS service used, such as Amazon RDS, AWS Lambda, and Amazon EC2.

    Task Statement 2.2: Understand AWS Cloud Security, Governance, and Compliance Concepts

    Candidates should identify where to find AWS compliance information (e.g., AWS Artifact), understand compliance needs among geographic locations or industries, and describe how customers secure resources on AWS (e.g., Amazon Inspector, AWS Security Hub, Amazon GuardDuty, AWS Shield). They should also be familiar with different encryption options, such as encryption in transit and encryption at rest, and recognize services that aid in governance and compliance, such as monitoring with Amazon CloudWatch, auditing with AWS CloudTrail, AWS Audit Manager, and AWS Config, and reporting with access reports.

    Task Statement 2.3: Identify AWS Access Management Capabilities

    Candidates should understand identity and access management (IAM) concepts, including the importance of protecting the AWS root user account, the principle of least privilege, and AWS IAM Identity Center (AWS Single Sign-On). They should also be able to identify authentication methods in AWS (e.g., multi-factor authentication [MFA], IAM Identity Center, cross-account IAM roles), define groups, users, custom policies, and managed policies in compliance with the principle of least privilege, and understand which methods can achieve root user protection.

    Task Statement 2.4: Identify Components and Resources for Security

    Candidates should be familiar with security capabilities provided by AWS and security-related documentation. They should be able to describe AWS security features and services (e.g., security groups, network ACLs, AWS WAF), understand the availability of third-party security products from AWS Marketplace, and identify where AWS security information is available (e.g., AWS Knowledge Center, AWS Security Center, AWS Security Blog). They should also understand the use of AWS services for identifying security issues, such as AWS Trusted Advisor.

    Domain 3: Cloud Technology and Services

    This domain covers various aspects of deploying and operating in the AWS Cloud, including the AWS global infrastructure, compute, database, network, storage, and other key services.

    Task Statement 3.1: Define Methods of Deploying and Operating in the AWS Cloud

    Candidates should understand different ways to provision and operate in the AWS Cloud, including programmatic access (e.g., APIs, SDKs, CLI), the AWS Management Console, and infrastructure as code (IaC). They should be able to evaluate requirements to determine whether to use one-time operations or repeatable processes, identify different deployment models (e.g., cloud, hybrid, on-premises), and identify connectivity options (e.g., AWS VPN, AWS Direct Connect, public internet).

    Task Statement 3.2: Define the AWS Global Infrastructure

    Candidates should be familiar with AWS Regions, Availability Zones, and edge locations. They should understand how to achieve high availability by using multiple Availability Zones, recognize that Availability Zones do not share single points of failure, and describe when to use multiple Regions (e.g., disaster recovery, business continuity, low latency for end users, data sovereignty). They should also be able to describe the benefits of edge locations (e.g., Amazon CloudFront, AWS Global Accelerator).

    Task Statement 3.3: Identify AWS Compute Services

    Candidates should recognize the appropriate use of different EC2 instance types (e.g., compute optimized, storage optimized), different container options (e.g., Amazon ECS, Amazon EKS), and serverless compute options (e.g., AWS Fargate, Lambda). They should understand that auto scaling provides elasticity and identify the purposes of load balancers.

    Task Statement 3.4: Identify AWS Database Services

    Candidates should be able to decide between EC2 hosted databases and AWS managed databases, identify relational databases (e.g., Amazon RDS, Amazon Aurora), NoSQL databases (e.g., DynamoDB), memory-based databases, and database migration tools (e.g., AWS Database Migration Service [AWS DMS], AWS Schema Conversion Tool [AWS SCT]).

    Task Statement 3.5: Identify AWS Network Services

    Candidates should understand the components of a VPC (e.g., subnets, gateways), security in a VPC (e.g., network ACLs, security groups), the purpose of Amazon Route 53, edge services (e.g., CloudFront, Global Accelerator), and network connectivity options to AWS (e.g., AWS VPN, Direct Connect).

    Task Statement 3.6: Identify AWS Storage Services

    Candidates should be able to identify the uses for object storage, recognize the differences in Amazon S3 storage classes, identify block storage solutions (e.g., Amazon Elastic Block Store [Amazon EBS], instance store), file services (e.g., Amazon Elastic File System [Amazon EFS], Amazon FSx), and cached file systems (e.g., AWS Storage Gateway). They should also understand use cases for lifecycle policies and AWS Backup.

    Task Statement 3.7: Identify AWS Artificial Intelligence and Machine Learning (AI/ML) Services and Analytics Services

    Candidates should be familiar with AWS AI/ML services and their tasks (e.g., Amazon SageMaker, Amazon Lex, Amazon Kendra) and understand the services for data analytics (e.g., Amazon Athena, Amazon Kinesis, AWS Glue, Amazon QuickSight).

    Task Statement 3.8: Identify Services from Other In-Scope AWS Service Categories

    Candidates should understand services from various AWS categories, including application integration services (Amazon EventBridge, Amazon Simple Notification Service [Amazon SNS], and Amazon Simple Queue Service [Amazon SQS]), business application services (Amazon Connect and Amazon Simple Email Service [Amazon SES]), customer engagement services (AWS Activate for Startups, AWS IQ, AWS Managed Services [AMS], and AWS Support), developer tool services and capabilities (AWS AppConfig, AWS Cloud9, AWS CloudShell, AWS CodeArtifact, AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, AWS CodePipeline, AWS CodeStar, and AWS X-Ray), end-user computing services (Amazon AppStream 2.0, Amazon WorkSpaces, and Amazon WorkSpaces Web), frontend web and mobile services (AWS Amplify and AWS AppSync), and IoT services (AWS IoT Core and AWS IoT Greengrass).

    Domain 4: Billing, Pricing, and Support

    This domain focuses on understanding AWS pricing models, resources for billing, budget, and cost management, and AWS technical resources and support options.

    Task Statement 4.1: Compare AWS Pricing Models

    Candidates should be able to identify and compare different compute purchasing options (e.g., On-Demand Instances, Reserved Instances, Spot Instances, Savings Plans, Dedicated Hosts, Dedicated Instances, Capacity Reservations), understand data transfer charges, and understand pricing options for various storage options and tiers.

    Task Statement 4.2: Understand Resources for Billing, Budget, and Cost Management

    Candidates should understand the appropriate uses and capabilities of AWS Budgets, AWS Cost Explorer, and AWS Billing Conductor. They should also be familiar with AWS Pricing Calculator, AWS Organizations consolidated billing and cost allocation, various types of cost allocation tags and their relation to billing reports (e.g., AWS Cost and Usage Report).

    Task Statement 4.3: Identify AWS Technical Resources and AWS Support Options

    Candidates should be able to locate AWS whitepapers, blogs, and documentation on official AWS websites, identify and locate AWS technical resources (e.g., AWS Prescriptive Guidance, AWS Knowledge Center, AWS re:Post), and identify AWS Support options for AWS customers (e.g., customer service and communities, AWS Developer Support, AWS Business Support, AWS Enterprise On-Ramp Support, AWS Enterprise Support). They should also understand the role of Trusted Advisor, AWS Health Dashboard, and the AWS Health API to help manage and monitor environments for cost optimization and the role of the AWS Trust and Safety team to report abuse of AWS resources.

    Appendix A: Technologies and Concepts

    This appendix outlines technologies and concepts that might appear on the exam. It's important to note that this list is non-exhaustive and may change. It includes a variety of topics, such as APIs, AWS Cloud Adoption Framework (AWS CAF), AWS Compliance, AWS global infrastructure, infrastructure as code (IaC), AWS Knowledge Center, machine learning, management and governance, migration and data transfer, AWS Partner Network, AWS Prescriptive Guidance, AWS Pricing Calculator, AWS Professional Services, AWS re:Post, AWS SDKs, security, AWS Security Blog, AWS Security Center, AWS shared responsibility model, AWS Solutions Architects, and storage.

    Appendix B: Comparison of CLF-C01 and CLF-C02

    This appendix compares the content of the previous version (CLF-C01) and the current version (CLF-C02) of the AWS Certified Cloud Practitioner exam. It provides a breakdown of the content domains and their respective weightings in both versions, highlighting any additions, deletions, or recategorizations of content.

    The main addition in CLF-C02 is a new task statement (Task Statement 1.3) that focuses on understanding the benefits of and strategies for migration to the AWS Cloud. This task statement incorporates the AWS Cloud Adoption Framework (AWS CAF) and its benefits. No content was deleted from the exam, and content from several task statements in CLF-C01 has been recategorized into one or more of the tasks in CLF-C02.

    C01 Domain Percent of Scored Questions C02 Domain Percent of Scored Questions
    1: Cloud Concepts 26% 1: Cloud Concepts 24%
    2: Security and Compliance 25% 2: Security and Compliance 30%
    3: Technology 33% 3: Cloud Technology and Services 34%
    4: Billing and Pricing 16% 4: Billing, Pricing, and Support 12%

    This guide provides a comprehensive overview of the AWS Certified Cloud Practitioner (CLF-C02) exam, equipping you with the necessary knowledge and skills to succeed in your cloud computing journey. By understanding the exam structure, content domains, and key task statements, you can effectively prepare for this valuable AWS certification.

    Ask anything...

    Sign Up Free to ask questions about anything you want to learn.