AWS Certified Cloud Practitioner Exam Study Guide And Crib Sheet [CLF-C01]
Feb 03, 2022The AWS Cloud Practitioner Certification is an ideal starting point for non-technical professionals looking to understand Cloud Computing from a business perspective. The Cloud Practitioner certification is attainable in only a few days of study.
AWS Certified Cloud Practitioner is intended for anyone who has basic knowledge of the AWS platform. Before taking this exam, we recommend you have: Six months of exposure to the AWS Cloud.
The study guide has been put together to help you find all the exam objectives efficiently.
There is a full course here for those that would like to a concise learning experience.
Domain 1: Cloud Concepts – 26%
1.1 Define the AWS Cloud and Its Value Proposition
Define the benefits of the AWS cloud including:
o Security
Six advantages of cloud security
o Reliability
Reliability pillar: AWS Well-Architected Framework
o High Availability
o Elasticity
Elasticity in AWS Well-Architected Framework
o Agility
o Pay-as-you-go pricing
o Scalability
Scalability in AWS Well-Architected Framework
o Global Reach
Global infrastructure Amazon.com
o Economy of scale
The concept of Economies of Scale
Explain how the AWS cloud allows users to focus on business value
o Shifting technical resources to revenue-generating activities as opposed to managing infrastructure
Cloud Computing’s value proposition | Maximize value with AWS
Business Value on AWS (Whitepaper)
1.2 Identify Aspects of AWS Cloud Economics
Define items that would be part of a Total Cost of Ownership proposal
o Understand the role of operational expenses (OpEx)
o Understand the role of capital expenses (CapEx)
Cloud, CapEx, and OpEx: Reframing the Conversation
o Understand labor costs associated with on-premises operations
Evaluate the TCO for an on-premise application system
o Understand the impact of software licensing costs when moving to the cloud
Software licensing: The blind spot in public cloud costs
Identify which operations will reduce costs by moving to the cloud
o Right-sized infrastructure
o Benefits of automation
The case for investing in cloud automation
o Reduce compliance scope (for example, reporting)
Minimize the PCI compliance burden
o Managed services (for example, RDS, ECS, EKS, DynamoDB)
AWS Cloud Practitioner Course - Get prepared now
1.3 Explain the Different Cloud Architecture Design Principles
Explain the design principles
o Design for failure
o Decouple components versus monolithic architecture
How to break a monolith application into microservices?
o Implement elasticity in the cloud versus on-premises
Elasticity: AWS Well-Architected Framework
2.1 Define the AWS Shared Responsibility Model
Domain 2: Security and Compliance – 25%
Recognize the elements of the Shared Responsibility Model
Shared Responsibility Model in AWS
Describe the customer’s responsibility on AWS
o Describe how the customer’s responsibilities may shift depending on the service used (for example with RDS, Lambda, or EC2)
The customer is responsible for security in the cloud.
Lambda: The Shared Responsibility Model
Describe AWS responsibilities
AWS responsible for the security of the cloud
2.2 Define AWS Cloud Security and Compliance Concepts
Identify where to find AWS compliance information
o Locations of lists of recognized available compliance controls (for example, HIPPA, SOCs)
o Recognize that compliance requirements vary among AWS services
Security and Compliance in AWS
At a high level, describe how customers achieve compliance on AWS
o Identify different encryption options on AWS (for example, In transit, At rest)
Describe who enables encryption on AWS for a given service
The importance of encryption and how AWS can help
Recognize there are services that will aid in auditing and reporting
o Recognize that logs exist for auditing and monitoring (do not have to understand the logs)
View HSM audit logs in CloudWatch Logs
o Define Amazon CloudWatch, AWS Config, and AWS CloudTrail
Explain the concept of least privileged access
2.3 Identify AWS Access Management Capabilities
Understand the purpose of User and Identity Management
o Access keys and password policies (rotation, complexity)
Managing access keys for IAM users
Setting an account password policy for IAM users
o Multi-Factor Authentication (MFA)
o AWS Identity and Access Management (IAM)
AWS identity & access management
• Groups/users
IAM Identities (users, user groups)
• Roles
• Policies, managed policies compared to custom policies
o Tasks that require use of root accounts
Tasks that require root user credentials
o Protection of root accounts
Best practices for securing your AWS account
There is a full course here for those that would like to a concise learning experience.
AWS Cloud Practitioner Course - Get prepared now
2.4 Identify Resources for Security Support
Recognize there are different network security capabilities
o Native AWS services (for example, security groups, Network ACLs, AWS WAF)
Network ACLs in Amazon Virtual Private Cloud
o 3rd party security products from the AWS Marketplace
Security solutions in AWS Marketplace
Recognize there is documentation and where to find it (for example, best practices, whitepapers, official documents)
o AWS Knowledge Center, Security Center, security forum, and security blogs
o Partner Systems Integrators
Next-Gen MSP meets Global Systems Integrator on AWS
Know that security checks are a component of AWS Trusted Advisor
AWS Trusted Advisor security check reference
Domain 3: Technology – 33%
3.1 Define Methods of Deploying and Operating in the AWS Cloud
Identify at a high-level different ways of provisioning and operating in the AWS cloud
o Programmatic access, APIs, SDKs, AWS Management Console, CLI, Infrastructure as Code
What is IAM Programmatic access?
Identify different types of cloud deployment models
Cloud computing deployment models
o All in with cloud/cloud-native
o Hybrid
o On-premises
Deployments on an on-premises compute platform
Identify connectivity options
o VPN
o AWS Direct Connect
o Public internet
3.2 Define the AWS Global Infrastructure
Describe the relationships among Regions, Availability Zones, and Edge Locations
Global infrastructure regions & AZs
Describe how to achieve high availability through the use of multiple Availability Zones
o Recall that high availability is achieved by using multiple Availability Zones
High availability (Multi-AZ) for Amazon RDS
Amazon RDS Multi-AZ Deployments
o Recognize that Availability Zones do not share single points of failure
Understand your single points of failure
Describe when to consider the use of multiple AWS Regions
Multi-region application architecture
o Disaster recovery/business continuity
Disaster recovery options in the cloud
o Low latency for end-users
Low-latency computing with AWS Local Zones
o Data sovereignty
Describe at a high level the benefits of Edge Locations
o Amazon CloudFront
Content Delivery Network (CDN)
o AWS Global Accelerator
3.3 Identify the Core AWS Services
Describe the categories of services on AWS (compute, storage, network, database)
Identify AWS compute services
o Recognize there are different compute families
o Recognize the different services that provide compute (for example, AWS Lambda compared to Amazon Elastic Container Service (Amazon ECS), or Amazon EC2, etc.)
Overview of AWS Compute Services
o Recognize that elasticity is achieved through Auto Scaling
Use AutoScaling to achieve elastic computing
o Identify the purpose of load balancers
Identify different AWS storage services
o Describe Amazon S3
Cloud object storage | Amazon Simple Storage Service (S3)
o Describe Amazon Elastic Block Store (Amazon EBS)
Amazon Elastic Block Store (Amazon EBS)
o Describe Amazon S3 Glacier
o Describe AWS Snowball
o Describe Amazon Elastic File System (Amazon EFS)
Use Amazon EFS with Amazon EC2
o Describe AWS Storage Gateway
Identify AWS networking services
o Identify VPC
o Identify security groups
Identify the security groups to use
o Identify the purpose of Amazon Route 53
o Identify VPN, AWS Direct Connect
Identifying a Site-to-Site VPN connection
Identify different AWS database services
o Install databases on Amazon EC2 compared to AWS managed databases
Choose between RDS, EC2 on AWS for your DB
Amazon EC2-hosted vs. Amazon RDS
o Identify Amazon RDS
o Identify Amazon DynamoDB
o Identify Amazon Redshift
Getting started with Amazon Redshift
3.4 Identify Resources for Technology Support
Recognize there is documentation (best practices, whitepapers, AWS Knowledge Center, forums, blogs)
Follow security best practices
Identify the various levels and scope of AWS support
o AWS Abuse
o AWS support cases
o Premium support
Announcing AWS premium support
o Technical Account Managers
Recognize there is a partner network (marketplace, third-party) including Independent Software Vendors and System Integrators
Systems Integrators | AWS Partner Network (APN)
Identify sources of AWS technical assistance and knowledge including professional services, solution architects, training and certification, and the Amazon Partner Network
Successful solutions architects do these five things
Identify the benefits of using AWS Trusted Advisor
AWS Cloud Practitioner Course - Get prepared now
Domain 4: Billing and Pricing – 16%
4.1 Compare and Contrast the Various Pricing Models for AWS (For Example, On-Demand Instances, Reserved Instances, and Spot Instance Pricing)
Identify scenarios/best fit for On-Demand Instance pricing
EC2 on-demand instance pricing
On-Demand Instances in Elastic Compute Cloud
Identify scenarios/best fit for Reserved-Instance pricing
o Describe Reserved-Instances flexibility
Instance size flexibility for EC2 Reserved Instances
o Describe Reserved-Instances behavior in AWS Organizations
Identify scenarios/best fit for Spot Instance pricing
Strategies for using spot instances
4.2 Recognize the Various Account Structures in Relation to AWS Billing and Pricing
Recognize that consolidated billing is a feature of AWS Organizations
Consolidated billing for AWS Organizations
Identify how multiple accounts aid in allocating costs across departments
Cost allocation basics that you need to know
AWS cost allocation for customer bills
4.3 Identify Resources Available for Billing Support
Identify ways to get billing support and information
Get help with AWS Billing & Cost Management
o Cost Explorer, AWS Cost and Usage Report, Amazon QuickSight, third-party partners, and AWS Marketplace tools
Analyzing your costs with Cost Explorer
o Open a billing support case
o The role of the Concierge for AWS Enterprise Support Plan customers
Identify where to find pricing information on AWS services
o AWS Simple Monthly Calculator
o AWS Services product pages
o AWS Pricing API
Recognize that alarms/alerts exist
Creating a billing alarm to monitor your AWS charges
Monitor Your AWS charges with billing alerts
Identify how tags are used in cost allocation
END of Exam Content Requirements
How to Become a Cloud Engineer with no Experience in less than Six Months Webinar!
Who is the online seminar for
Anyone who wants to learn more about becoming a cloud engineer as fast as possible in a cost-efficient manner
Tuesday, February 8, 2022 9:00 AM EST
Hosted by Joe Holbrook
Some of the Courses on TechCommanders
On Techcommanders, we provide free Accredible Certificates that can be verified and posted online.
Coming in February 8th 2022. Cloud InterviewACE.
The best way to pass the Cloud Computing interviews. Period.
Cloud InterviewACE is an online training program & professional community mentored by industry veteran Joseph Holbrook (“The Cloud Tech Guy“), a pre/post sales guru in cloud.
Learn to pass the technical and even soft skills interviews from the starting basics to advanced topics covering presales, post sales focused objectives such cloud deployment, cloud architecting, cloud engineering, migrations and more. resume tips, preparation strategy, common mistakes, mock interviews, technical deep-dives, must-know tips, offer negotiation, and more. AWS, GCP and Azure will be covered.
Find Out more about Cloud InterviewACE from TechCommanders
Fast-track your career now!
This changes your world, what are you waiting for!
We are TechCommanders…
experts in Next Generation Technology Training.
TechCommanders is an online training platform for both aspiring and veteran IT professionals interested in next generation IT Skills.
TechCommanders is led by Joseph Holbrook, a highly sought-after technology industry veteran.
TechCommanders offers blended learning which allows the students to learn on demand but with live training.
Join TechCommanders Today.
Over 60 Courses and Practice Questions!
Coaching and CloudINterviewACE
Stay connected with news and updates!
Join our mailing list to receive the latest news and updates from our team.
Don't worry, your information will not be shared.
We hate SPAM. We will never sell your information, for any reason.