Skip to content

AWS Certified Cloud Practitioner Exam Guide

AWS Certified Cloud Practitioner Certification (CLF-C01) exam helps you test your overall understanding of the AWS Cloud. This probability will be the first Amazon Web Services certification exam someone will attempt if venturing into AWS certifications.

About the AWS Certified Cloud Practitioner Exam

  • No of questions: 65 multiple-choice, multiple-response questions
  • Time to complete the exam: 90 mins
  • Passing Score: 70% or 700 out of 1,000 points
  • Cost: $100 USD plus applicable taxes

Exam Outline

  • Cloud concepts: 28%
  • Security: 24%
  • Technology: 36%
  • Billing and pricing: 12%

Certification Guide

AWS Cloud Practitioner Certification Prep

Certification Trail

Learn the AWS Cloud Practitioner Essentials

Official AWS Certified Cloud Practitioner Exam Training

AWS Cloud Practitioner Essentials

Exam Registration

AWS Certification Registration

AWS Certified Cloud Practitioner Free Practice Test

Important Topics for the AWS Certified Cloud Practitioner Exam

  • Cloud Computing: on-demand delivery of information technology (IT) resources via the Internet with pay-as-you-go pricing
  • What is AWS – cloud computing platform that owns and maintains the network-connected hardware, like servers, that you can use to power your business
  • Three cloud computing deployment models
    • Cloud
    • Hybrid
    • On-premises or private Cloud
  • Advantages of Cloud Computing
    • Stop Spending Money Running and Maintaining Data Centers
    • Trade Capital Expense for Variable Expense
    • Stop Guessing Capacity
    • Benefit from Massive Economies of Scale
    • Increase Speed and Agility
    • Go Global in Minutes
    • Keep Your Data Safe
    • Meet Compliance Requirements
  • Regions : physical location in the world that provides multiple, physically separated, and isolated Availability Zones
  • Availability Zones: consist of one or more discrete data centers, each with redundant power, networking, connectivity, and are housed in separate facilities. A fully isolated portion of the AWS global infrastructure
  • Points of Presence Locations
    • Edge Locations: caches frequently used content
    • Regional Edge Locations: caches less frequently used content
  • AWS Management Tools
    • AWS Management Console: graphical interface used to interact with AWS services and features
    • AWS Command Line Interface (AWS CLI):  open-source tool that lets you interact with the AWS services without having to do a lot of configuration. Access Key ID and Secret Access Key are required to run commands
    • AWS Software Development Kits (SDKs): supporting interfaces enable you to access AWS using a variety of popular programming languages
  • AWS Well-Architected Framework: helps design and operate reliable, secure, efficient, and cost-effective systems in AWS
  • Five pillars of AWS Well-Architected Framework
    • Operational Excellence – run, monitor and improve processes to deliver business value
    • Security – protect information, systems, and assets 
    • Reliability – disruption mitigation and recovery, dynamically scaling resources as per demand
    • Performance Efficiency – use computing resources efficiently
    • Cost Optimization – deliver business value at lowest price
  • AWS Well-Architected Tool – free service that provides a consistent process for you to review and measure your architecture
  • AWS Compute Services
    • Amazon Elastic Compute Cloud (Amazon EC2)
    • Amazon EC2 Auto Scaling
    • Amazon Elastic Container Service (Amazon ECS)
    • Amazon Elastic Kubernetes Service (Amazon EKS)
    • AWS Lambada – event-driven serverless compute engine
    • AWS Fargate – serverless compute engine for containers
  • Amazon EC2 Instance Family
    • General Purpose
    • Compute Optimized
    • Memory Optimized
    • Accelerated Computing
    • Storage Optimized
  • AWS EC2 Instance Type
    • On Demand
    • Reserved
    • Spot – cheapest
    • Dedicated Hosts: allow you to use your eligible software licenses from vendors such as Microsoft and Oracle on Amazon EC2
  • AWS Cloud Storage Services
    • Amazon Simple Storage Service (Amazon S3): stores data as objects in buckets. Each object can be upto 5TB in size
    • Amazon Elastic Block Store (Amazon EBS): persistent block storage volumes attachable to Amazon EC2 instances
    • Amazon Elastic File System (Amazon EFS): scalable, fully managed, elastic file system
  • Amazon Simple Storage Service (Amazon S3) Storage Classes
    • Amazon S3 Standard (S3 Standard)
    • Amazon S3 Intelligent-Tiering (S3 Intelligent-Tiering)
    • Amazon S3 Standard-Infrequent Access (S3 Standard-IA)
    • Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)
    • Amazon S3 Glacier
    • Amazon S3 Glacier Deep Archive
  • AWS Database Services
    • Amazon Relational Database Service (Amazon RDS) – supports Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle and Microsoft SQL Server
    • Amazon Aurora – MySQL and PostgreSQL compatible relational database 
    • Amazon ElastiCache – in-memory data store or cache in the cloud
    • Amazon Neptune – graph database service 
    • Amazon Redshift – data warehousing service for big data analytics
    • Amazon DocumentDB – managed document database service that supports MongoDB
    • Amazon DynamoDB – key-value database service
    • Amazon Quantum Ledger Database (Amazon QLDB) – ledger database service
  • Amazon ElastiCache supports Memcached and Redis in-memory engines
  • Amazon Virtual Private Cloud (Amazon VPC) – isolated portions of the AWS Cloud where customers deploy their AWS infrastructure
  • Network Access Control Lists (NACL) – optional layer of security for Amazon VPC for controlling traffic in and out of a subnet
  • Security Group – a virtual firewall for EC2 instances to control incoming and outgoing traffic
  • Access Control Lists (ACL) – manage access to buckets and objects
  • Amazon Route 53 – DNS web service to route end users to internet applications hosted in AWS
  • AWS Direct Connect – establish a private, dedicated network connection from customer data center to AWS
  • Amazon CloudFront – CDN Service
  • Origin: server from which Amazon CloudFront gets files
  • Amazon EC2 Auto Scaling Options
    • Maintain the current instance levels at all times
    • Manual scaling
    • Scheduled scaling
    • Dynamic scaling
    • Predictive scaling
  • AWS Application Auto Scaling – application scaling to optimize performance and cost across multiple AWS services such as EC2, DynamoDB, Aurora
  • Elastic Load Balancing – automatically distributes traffic across multiple targets to ensure optimum performance in the event of a traffic spike. Three types are:
    • Application Load Balancer
    • Network Load Balancer
    • Classic Load Balancer
  • Application integration – building a system that is broken up into small, loosely coupled components
  • Amazon Simple Notification Service (Amazon SNS): enables message filtering and distribution on a large scale, can send mobile SMS
  • Amazon Simple Queue Service (Amazon SQS) – message queue that can send, store, and receive messages between software components
  • AWS CloudFormation – infrastructure as code, provision resources by using programming languages or a text file
  • AWS Trusted Advisor – runs checks against your environment to see if it meets predefined criteria across five categories: cost optimization, performance, security, fault tolerance, and service limits. Green check means no problems, orange triangle means investigation required, and red circle means action required
  • AWS CloudTrail – governance, compliance, operational auditing, and risk auditing of AWS account
  • Amazon CloudWatch – monitors AWS resources and the applications running on AWS in real time
  • Shared Responsibility Model – AWS secures and maintains the cloud infrastructure, tenants are responsible for securing everything that is stored in the cloud
  • AWS Identity and Access Management (IAM) – manage access to AWS services and resources
  • Amazon Inspector – automated security assessment service that helps improve the security and compliance of applications deployed on AWS
  • AWS Security Hub – aggregates, organizes and prioritizes security findings
  • AWS Web Application Firewall (WAF) – protect web applications and APIs against common web exploits that may affect application availability
  • AWS Key Management Service (KMS) – create and control the encryption keys that are used to encrypt data
  • AWS Shield: DDoS protection service
  • AWS Artifact – free service that provides on-demand access to AWS’s security and compliance reports
  • AWS Budgets – create, track and inspect budgets
  • AWS Cost Explorer – view, manage and analyze AWS costs and usage over time
  • AWS Cost and Usage Report – detailed information about AWS costs and usage
  • AWS Total Cost of Ownership (TCO) Calculator – allows you to compare the cost of running applications in an on-premises or traditional hosting environment to running the applications with AWS
  • AWS Simple Monthly Calculator – estimate your monthly bill
  • AWS Organizations – free account management service to consolidate multiple AWS accounts into an organization to centrally manage
  • AWS Support Plans
    • Basic – included for all customers for free, 24/7 customer service, support forum but does not provide ability to create cases 
    • Developer – Basic + email access to customer support
    • Business – Developer + direct phone access to cloud support engineers, infra event support, access to AWS Support API
    • Enterprise – Business + Technical Account Manager, White-glove case routing
  • AWS Quick Starts – automated reference deployments for workloads on AWS Cloud
  • AWS Cloud Adoption Framework (CAF) – assess needs across a wide range of areas and develop the right workstreams to achieve organisation goals. Six core perspectives
    • Business
    • People
    • Governance
    • Platform
    • Security
    • Operations
  • The 6 R’s
    • Rehosting – moving an application to cloud with little to no modifications
    • Replatforming – selectively optimizing application to achieve benefits in the cloud
    • Retiring – sunset application
    • Retaining – do not migrate to cloud, consider retiring in future
    • Repurchasing – replacing an existing application with a cloud-based version
    • Refactoring – changing how an application is architected and developed using cloud-native features
  • AWS Database Migration Services – helps migrate databases to AWS
  • AWS Snow Family – physical devices shipped to customer location, transfer data and ship back the device to AWS
    • AWS Snowcone – upto 8 TB of storage
    • AWS Snowball – upto 80 TB of storage
    • AWS Snowmobile – upto 100 PB of storage
  • AWS Snowball Edge – a type of Snowball device with on-board storage and compute power for select AWS capabilities. It can do local processing and edge-computing workloads in addition to transferring data between local environment and the AWS Cloud
  • Amazon Transcribe – convert speech to text
  • Amazon Comprehend – natural-language processing (NLP) service that uses machine learning to uncover information in unstructured data
  • Amazon Fraud Detector – identify potentially fraudulent online activities
  • Amazon SageMaker – deploy Machine Learning Models
  • Amazon Polly – turns text into lifelike speech, allowing creation of applications that can talk
  • Amazon Lex – build voice and text chatbots
  • Amazon Textract – extracts text and data from scanned documents
  • AWS DeepRacer – 1/18 scale race car to test reinforcement learning models
  • Amazon Augmented AI – built-in human review workflows for common machine learning use cases
  • AWS Elastic Beanstalk: automatic capacity provisioning, load balancing, auto-scaling, and application health monitoring
  • AWS Outposts – run infrastructure in a hybrid cloud approach
  • Amazon GuardDuty – intelligent threat detection for AWS infrastructure and resources
  • AWS Marketplace – digital catalog of software listings from independent software vendors
  • Amazon AppStream – enables compute-intensive applications to be the streamed from AWS cloud to local computing devices
  • Amazon Macie – data security and data privacy service
  • AWS Site-to-Site VPN – access remote network from VPC
  • Key concepts for Site-to-Site VPN
    • VPN connection – secure connection between on-premises and VPC
    • VPN tunnel – encrypted link from the customer network to AWS
    • Customer gateway – provides information to AWS about customer gateway device
    • Customer gateway device – A physical device or software application on customer side
    • Virtual private gateway – VPN concentrator on the Amazon side
    • Transit gateway – transit hub to interconnect VPCs and on-premises networks
  • AWS Security Bulletins – stay up to date on AWS security announcements
  • AWS Control Tower – automates the process of setting up a new baseline multi-account AWS that is secure, well-architected and ready to use
  • AWS Global Accelerator – combines advanced networking features with the dedicated AWS Global Network to improve application network performance
  • AWS CodePipeline – continuous delivery service to automate release pipelines
  • AWS CodeDeploy – deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, serverless Lambda functions, or Amazon ECS services
  • AWS CodeCommit – secure, highly scalable, managed source control service that hosts private Git repositories
  • AWS CodeStar – quickly develop, build, and deploy applications on AWS. Provides a unified user interface to easily manage software development activities in one place
  • AWS Config – assess, audit, and evaluate the configurations of AWS resources
  • AWS OpsWorks – configuration management service to configure and operate applications in cloud by using Puppet or Chef
  • Amazon Kinesis – real-time data streaming service to capture, process and analyse real-time video and data streams
  • AWS Application Discovery Service – collects server specification information, performance data, and details of running processes and network connections
  • Amazon Connect – easy to use omnichannel cloud contact center
  • Convertible Reserved Instances (RIs) – allows to change the instance family
  • Amazon Athena – serverless interactive query service to analyze data in Amazon S3 using standard SQL
  • Amazon QuickSight – serverless, embeddable, machine learning-powered business intelligence (BI) service
  • Amazon Lightsail – packages memory, processing, storage and transfer into virtual machines (VM) for new or less experienced users
  • Amazon Rekognition – identify objects, people, text, scenes, and activities in images and videos
  • VPC Flow Logs – capture information about the IP traffic going to and from network interfaces in VPC
  • AWS Storage Gateway – a set of hybrid cloud services that gives on-premises access to cloud storage
  • Amazon Cognito – provides authentication, authorization, and user management for web and mobile apps
  • AWS Batch – manages compute environments and job queues
  • AWS Data Pipeline – managed ETL, a web service that helps reliably process and move data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals
  • AWS Glue – serverless ETL, a data integration service to discover, prepare, and combine data for analytics, machine learning, and application development
  • AWS Systems Manager – operations hub for AWS. A unified user interface to track and resolve operational issues across AWS applications and resources from a central place. e.g. automate software patch installation
  • AWS Device Farm – application testing service for web and mobile apps across an extensive range of desktop browsers and real mobile devices without having to provision and manage any testing infrastructure
  • AWS Ground Station – ingest data from the satellite, monitor the satellite health and status, and transmit commands to change the satellite’s operations
  • Amazon EMR – cloud big data platform for processing vast amounts of data using open source tools such as Apache Spark, Apache Hive
  • Amazon Detective – analyze trillions of events from multiple data sources such as Virtual Private Cloud (VPC) Flow Logs, AWS CloudTrail, and Amazon GuardDuty
  • AWS X-Ray – service to help developers analyze and debug distributed applications
  • Standard Vs Convertible Reseved Instance
Standard Reserved InstanceConvertible Reserved Instance
One-year to three-year termOne-year to three-year term
Enables you to modify Availability Zone, scope, networking type, and instance size (within the same instance type) of your Reserved InstanceEnables you to exchange one or more Convertible Reserved Instances for another Convertible Reserved Instance with a different configuration, including instance family, operating system, and tenancy
Can be sold in the Reserved Instance MarketplaceCannot be sold in the Reserved Instance Marketplace
  • AWS Mobile Hub – configure, build, test, and monitor usage of Mobile Apps 
  • AWS Local Zones – places AWS compute, storage, database, and other select services close to large population, industry, and IT centers
  • AWS IQ – find AWS Certified freelancers and consulting firms. Pay directly through AWS only when work is complete and you are satisfied
  • AWS Certificate Manager – provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services
  • AWS Secrets Manager – protect secrets needed to access applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle
  • AWS Resource Access Manager (RAM) – securely share resources across AWS accounts, within organization or organizational units (OUs) in AWS Organizations, and with IAM roles and IAM users for supported resource types such as transit gateways, subnets, AWS License Manager license configurations, Amazon Route 53 Resolver
  • AWS Amplify – set of tools and services to help front-end web and mobile developers build scalable full stack applications, powered by AWS. Supports popular web frameworks including JavaScript, React, Angular and mobile platforms including Android, iOS
AWS Certified Cloud Practitioner Certificate
AWS Certified Cloud Practitioner Certificate

Share this article...

Please Leave a Comment

error: Content is protected !!

Discover more from DYDC

Subscribe now to keep reading and get access to the full archive.

Continue reading