‭ he Extremely Unofficial‬

T
‭AWS Certified Cloud Practitioner‬
‭Exam (CLF-C02) Study Guide‬
‭By Hiroko Nishimura (‬‭hirokonishimura.com‬‭/‬‭@hirokonishimura‬‭)‬
‭Instructor “‬‭Introduction to AWS for Non-Engineers‬‭” on LinkedIn Learning‬
‭Author “‬‭AWS for Non-Engineers‬‭” at Manning / AWS Community Hero‬

‭ bout AWS Certified Cloud Practitioner Exam (CLF-C02)‬

A
‭Domain 1: Cloud Concepts (24%)‬
‭1.1: Define the benefits of the AWS Cloud‬
‭1.2: Identify design principles of the AWS Cloud‬
‭1.3: Understand the benefits of and strategies for migration to the AWS Cloud‬
‭1.4: Understand concepts of cloud economics‬
‭Domain 2: Security and Compliance (30%)‬
‭2.1: Understand the AWS Shared Responsibility Model‬
‭2.2: Understand AWS Cloud security, governance, and compliance concepts‬
‭2.3: Identity AWS access management capabilities‬
‭2.4: Identify components and resources for security‬
‭Domain 3: Cloud Technology and Services (34%)‬
‭3.1: Define methods of deploying and operating in the AWS Cloud‬
‭3.2: Define the AWS global infrastructure‬
‭3.3: Identify AWS compute services‬
‭3.4: Identify AWS database services‬
‭3.5: Identify AWS network services‬
‭3.6: Identify AWS storage services‬
‭3.7: Identify AWS AI/ML services and analytics services‬
‭3.8: Identify services from other in-scope AWS service categories‬
‭Domain 4: Billing, Pricing, and Support (12%)‬
‭4.1: Compare AWS pricing models‬
‭4.2: Understand resources for billing, budget, and cost management‬
‭4.3: Identify AWS technical resources and AWS Support options‬
‭Resources‬
‭Official AWS Resources‬
‭Un-Official Resources‬

‭1‬
‭ bout AWS Certified Cloud Practitioner Exam‬
A
‭(CLF-C02)‬
-‭ ‬ ‭ pdated September, 2023 from CLF-C01 to CLF-C02‬
U
‭-‬ ‭Multiple choice and multiple responses, with 65 questions (15 unscored)‬
‭-‬ ‭Need 700 out of 1000 points to pass‬
‭-‬ ‭“Effectively demonstrate overall knowledge of the AWS Cloud, independent of‬
‭a specific job role” with up to 6 months of exposure to AWS Cloud design,‬
‭implementation, and/or operations‬
‭-‬ ‭Ideal for candidates from non-IT backgrounds‬
-‭ ‬ ‭Recommended AWS knowledge:‬
‭-‬ ‭AWS Cloud Concepts‬
‭-‬ ‭Security and compliance in the AWS Cloud‬
‭-‬ ‭Core AWS services‬
‭-‬ ‭Economics of AWS Cloud‬

‭Resources (paid and free) shared at the end of this guide for further studying.‬

‭Domain 1: Cloud Concepts (24%)‬

‭1.1: Define the benefits of the AWS Cloud‬

‭-‬ ‭Advantages to cloud computing (‬‭source‬‭):‬
‭-‬ ‭Trade fixed expense for variable expense‬
‭-‬ ‭Benefit from massive economies of scale‬
‭-‬ ‭Stop guessing capacity‬
‭-‬ ‭Increase speed and agility‬
‭-‬ ‭Stop spending money running and maintaining data centers‬
‭-‬ ‭Go global in minutes‬

‭1.2: Identify design principles of the AWS Cloud‬

‭-‬ A
‭ WS Well-Architected Framework (‬‭source‬‭): key concepts,‬‭design principles,‬
‭and architectural best practices for architecting and running workloads in the‬
‭Cloud‬
‭-‬ ‭Operational excellence: continuously improving processes and‬
‭procedures of the daily running and monitoring of systems‬
‭-‬ ‭Security: protecting information and systems‬
‭-‬ ‭Reliability: workloads performing intended functions and recovering‬
‭quickly from failures‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭2‬

 ‭-‬ P ‭ erformance efficiency: structured and streamlined allocation of IT and‬
‭computing resources‬
‭-‬ ‭Cost optimization: avoid unnecessary costs‬
‭-‬ ‭Sustainability: minimizing environmental impacts of running cloud‬
‭workloads‬

‭ .3: Understand the benefits of and strategies for‬

1
‭migration to the AWS Cloud‬
‭-‬ A ‭ WS Cloud Adoption Framework (‬‭source‬‭): best practices‬‭to help facilitate‬
‭successful IT migrations into the Cloud, with recommendations for‬
‭implementing, adapting, configuring, and maintaining effective workflows in‬
‭the Cloud‬
‭-‬ ‭Reduce business risk‬
‭-‬ ‭Improve ESG (environmental, social, and governance) performance‬
‭-‬ ‭Grow revenue‬
‭-‬ ‭Increase operational efficiency‬
‭-‬ ‭Cloud Migration Strategies‬
‭-‬ ‭Database replication‬
‭-‬ ‭AWS Snow Family‬‭(Snowcone, Snowball, Snowmobile)‬

‭1.4: Understand concepts of cloud economics‬

‭-‬ R ‭ ole of fixed costs compared with variable costs (“trade fixed expenses for‬
‭variable expenses” in advantages of cloud computing)‬
‭-‬ ‭Costs associated with on-premises environments (“stop spending money‬
‭running and maintaining data centers” in advantages of cloud computing)‬
‭-‬ ‭Benefits of automation: less times a human touches it, the more secure and‬
‭less vulnerable to intentional or unintentional issues‬
‭-‬ ‭Licensing strategies: Bring Your Own License (BYOL) model vs included‬
‭licenses (‬‭source‬‭)‬
‭-‬ ‭Managed AWS services: “fully managed” by AWS (underlying infrastructure,‬
‭server management, patching, operations, etc. managed by AWS) so users‬
‭can shift focus away from administration of these resources to other more‬
‭innovative tasks‬
‭-‬ ‭Examples: Amazon RDS, Amazon Elastic Container Service (Amazon‬
‭ECS), Amazon Elastic Kubernetes Service (Amazon EKS), Amazon‬
‭DynamoDB‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭3‬

‭Domain 2: Security and Compliance (30%)‬

‭2.1: Understand the AWS Shared Responsibility Model‬

‭-‬ ‭AWS Shared Responsibility Model (‬‭source‬‭):‬
‭-‬ ‭AWS is responsible for security OF the Cloud‬
‭-‬ ‭Customer is responsible for security IN the Cloud‬
‭-‬ ‭Responsibilities shift between AWS and customer depending on the‬
‭services used‬
‭-‬ ‭Both AWS and the customer are responsible for training and educating‬

‭ .2: Understand AWS Cloud security, governance, and‬

2
‭compliance concepts‬
‭-‬ C ‭ ompliance requirements change depending on industries and geographic‬
‭locations, which AWS accounts for with dozens of compliance programs‬
‭(‬‭source‬‭)‬
‭-‬ ‭You need to encrypt data in transit (while it’s moving from one place to‬
‭another) and at rest (while it’s residing in a location)‬
‭-‬ ‭Governance is process of creating and enforcing decisions within an‬
‭organization‬
‭-‬ ‭Security in the Cloud is composed of identity and access management,‬
‭detective controls, infrastructure protection, data protection, and incident‬
‭response (Security Pillar of the Well-Architected Framework)‬
‭-‬ ‭There are many services to help you secure resources on AWS, like Amazon‬
‭Inspector, AWS Security Hub, Amazon GuardDuty, AWS Shield‬
‭-‬ ‭AWS Artifact helps you locate on-demand compliance information relevant to‬
‭your IT infrastructure‬
‭-‬ ‭There are many services that aid in governance and compliance like Amazon‬
‭CloudWatch, AWS CloudTrail, AWS Audit Manager, and AWS Config‬
‭-‬ ‭Compliance requirements varies depending on the AWS service being used‬

‭2.3: Identity AWS access management capabilities‬

‭-‬ I‭ dentity and Access Management (IAM) and IAM Identity Center provide‬
‭granular control over permissions for identities, generally dealing with‬
‭defining‬‭WHO‬‭has access to‬‭WHAT‬
‭-‬ ‭Principle of Least Privilege (‬‭source‬‭): give only the‬‭least amount of access for‬
‭an entity to do perform its tasks‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭4‬

 ‭-‬ U
‭ tilize groups, users, custom policies, and manage policies in‬
‭compliance with the Principle of Least Privilege‬
‭-‬ ‭There are multiple ways of authentication in AWS such as MFA, IAM Identity‬
‭Center, cross-account IAM roles, federated users‬
-‭ ‬ ‭When you create an AWS account, that account is a‬‭root user account‬‭, which‬
‭should not be utilized unless absolutely necessary (make sure to secure it‬
‭with MFA); know how to secure it, and what specific tasks you need the root‬
‭account for‬
‭-‬ ‭Access keys, password policies, credential storage (AWS Secrets Manager,‬
‭AWS Systems Manager)‬

‭2.4: Identify components and resources for security‬

‭-‬ Y ‭ ou can utilize‬‭network access control lists (NACLs)‬‭and‬‭security groups‬‭to‬
‭control the traffic coming in and out of your resources (‬‭compare NACLs vs‬
‭security groups‬‭)‬
‭-‬ ‭There are many security services that help you protect your infrastructure,‬
‭like AWS WAF, Amazon Inspector, AWS Shield, and Amazon GuardDuty‬
‭-‬ ‭There are third-party security products (provided by other companies) on the‬
‭AWS Marketplace‬
‭-‬ ‭You can find AWS security-related information in AWS Knowledge Center,‬
‭AWS Security Center, AWS Security Blog, etc.‬
‭-‬ ‭You can utilize AWS Trusted Advisor to identify security issues‬

‭ omain 3: Cloud Technology and Services‬

D
‭(34%)‬

‭ .1: Define methods of deploying and operating in the‬

3
‭AWS Cloud‬
‭-‬ C ‭ onnecting to AWS Cloud: Virtual Private Network (VPN), AWS Direct‬
‭Connect, Public Internet‬
‭-‬ ‭Cloud Deployment Models: Cloud Deployment, Hybrid Deployment,‬
‭On-Premises Deployment‬
‭-‬ ‭Deploy and manage IT infrastructure on AWS: AWS Management‬
‭Console, Command Line Interface (CLI), Software Development Kits‬
‭(SDKs)‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭5‬

‭3.2: Define the AWS global infrastructure‬
-‭ ‬ ‭ vailability Zones (AZs): independent AWS data centers‬
A
‭-‬ ‭Regions: 2 or more Availability Zones‬
‭-‬ ‭Edge Locations: caches data closest to your customers‬
‭-‬ ‭AWS Local Zones: provides extremely low latency to end users when‬
‭AWS Regions aren’t close enough‬
‭-‬ ‭AWS Wavelength Zones: extremely low latency for applications by‬
‭embedding AWS compute and storage services within 5G networks‬
-‭ ‬ ‭High Availability‬
‭-‬ ‭Learn more about the AWS Global Infrastructure:‬
‭https://aws.amazon.com/about-aws/global-infrastructure/‬

‭3.3: Identify AWS compute services‬

‭-‬ A ‭ mazon Elastic Compute Cloud (Amazon EC2): virtual servers with virtually‬
‭limitless use cases‬
‭-‬ ‭Amazon Elastic Container Service (Amazon ECS): fully-managed container‬
‭orchestration service‬
‭-‬ ‭Amazon Elastic Kubernetes Service (Amazon EKS): fully-managed container‬
‭service to run Kubernetes‬
‭-‬ ‭Elastic Beanstalk: deploy and scale web applications by uploading code‬
‭-‬ ‭Elastic Load Balancing: helps applications achieve fault tolerance‬
‭-‬ ‭AWS Lambda: event-driven, serverless compute service to run code without‬
‭provisioning or managing your own servers‬
‭-‬ ‭AWS Fargate: serverless compute engine for containers‬
‭-‬ ‭Amazon Lightsail: pre-configured websites and applications to help you get‬
‭your projects up and running with minimal configurations on your end‬
‭-‬ ‭Autoscaling provides elasticity‬

‭3.4: Identify AWS database services‬

‭-‬ ‭Database Services‬
‭-‬ ‭Amazon Relational Database Service (Amazon RDS): fully-managed‬
‭relational database service‬
‭-‬ ‭Amazon Aurora: relational database engine managed by Amazon RDS‬
‭-‬ ‭Amazon DynamoDB: fully-managed NoSQL database service‬
‭-‬ ‭Amazon Memory DB for Redis, Amazon ElastiCache, Amazon‬
‭DynamoDB Accelerator (DAX): fully-managed in-memory database‬
‭services‬
‭-‬ ‭Database Migration Tools:‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭6‬

 ‭-‬ A ‭ WS Database Migration Service: migrate your database to AWS’s‬
‭database services‬
‭-‬ ‭AWS Schema Conversion Tool: convert your database into one of the‬
‭schemas supported by AWS’s managed databases‬

‭3.5: Identify AWS network services‬

‭-‬ A ‭ mazon Virtual Private Cloud (Amazon VPC): isolated virtual network on AWS‬
‭Cloud for your IT infrastructure‬
‭-‬ ‭Amazon CloudFront: Content Delivery Network to help websites and‬
‭applications load faster‬
‭-‬ ‭AWS Global Accelerator: allows customer access requests to take the‬
‭high-speed AWS global network towards its destination instead of spending‬
‭time on slower public networks‬
‭-‬ ‭Amazon Route 53: DNS service‬

‭3.6: Identify AWS storage services‬

‭-‬ ‭Amazon Simple Storage Service (Amazon S3): object storage service‬
‭-‬ ‭Understand lifecycle policies and storage classes (tendency: less you‬
‭need to access, less durable, longer retrieval time = cheaper)‬
‭-‬ ‭Amazon Elastic Block Store (Amazon EBS): block storage service that acts‬
‭like unformatted block devices you can mount to your Amazon EC2 instances‬
‭-‬ ‭AWS Storage Gateway: connects on-premises storage with AWS’s cloud‬
‭storage‬
‭-‬ ‭AWS Backup: backup service for all your AWS services and hybrid‬
‭environments‬
‭-‬ ‭Three types of storage: object storage, file storage, block storage‬

‭3.7: Identify AWS AI/ML services and analytics services‬

‭-‬ ‭AI/ML (Artificial Intelligence/Machine Learning) services‬
‭-‬ ‭Amazon SageMaker: build, train, and deploy machine learning models‬
‭-‬ ‭Amazon Lex: create conversational AI support chatbots (Amazon‬
‭aLEXa, anyone?)‬
‭-‬ ‭Amazon Kendra: utilize machine learning to find answers quickly with‬
‭intelligent search‬
‭-‬ ‭Data Analytics Services‬
‭-‬ ‭Amazon Athena: analyze data directly in Amazon S3 using standard‬
‭SQL‬
‭-‬ ‭AWS Glue: integrate data from diverse data sources and prepare them‬
‭for analytics‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭7‬

 ‭-‬ A ‭ mazon Kinesis: helps collect, process, and analyze data like audio‬
‭and video in real-time to derive insights‬
‭-‬ ‭Amazon QuickSight: business intelligence service that helps you‬
‭quickly build visualizations and perform ad hoc analysis on your data‬
‭with machine learning‬

‭ .8: Identify services from other in-scope AWS service‬

3
‭categories‬
‭-‬ A ‭ pplication integration services: Amazon EventBridge, Amazon Simple‬
‭Notification Service (Amazon SNS), Amazon Simple Queue Service (Amazon‬
‭SQS)‬
‭-‬ ‭Business application services: Amazon Connect, Amazon Simple Email‬
‭Service (Amazon SES)‬
‭-‬ ‭Customer engagement services: AWS Activate for Startups, AWS IQ, AWS‬
‭Managed Services (AMS), AWS Support‬
‭-‬ ‭Developer tool services and capabilities: AWS AppConfig, AWS Cloud9, AWS‬
‭CloudShell, AWS CodeArtifact, AWS CodeBuild, AWS CodeCommit, AWS‬
‭CodeDeploy, AWS CodePipeline, AWS CodeStar, AWS X-Ray‬
‭-‬ ‭End user computing services: Amazon AppStream 2.0, Amazon WorkSpaces,‬
‭Amazon WorkSpaces Web‬
‭-‬ ‭Frontend web and mobile services: AWS Amplify, AWS AppSync‬
‭-‬ ‭IoT services: AWS IoT Core, AWS IoT Greengrass‬

‭Domain 4: Billing, Pricing, and Support (12%)‬

‭4.1: Compare AWS pricing models‬

‭-‬ ‭Fundamental ways AWS charges:‬
‭-‬ ‭Compute‬
‭-‬ ‭Storage‬
‭-‬ ‭Data transfer‬
‭-‬ ‭Learn more about AWS Pricing:‬
‭-‬ ‭AWS Pricing Page:‬‭https://aws.amazon.com/pricing‬
‭-‬ ‭Whitepaper: “‬‭How AWS Pricing Works‬‭”‬
‭-‬ ‭Compute Resource Pricing Models‬
‭-‬ ‭Pay as you go (on-demand instances)‬
‭-‬ ‭Save when you commit (reserved instances)‬
‭-‬ ‭Save when you commit 2 (savings plans)‬
‭-‬ ‭Take advantage of unutilized AWS capacity (spot instances)‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭8‬

 ‭-‬ S ‭ ave by using your own licenses and utilize dedicated hardware‬
‭(dedicated hosts)‬
‭-‬ ‭Run Amazon EC2 instances on dedicated hardware (dedicated‬
‭instances)‬
‭-‬ ‭Reserve compute capacity in advance (capacity reservations)‬
‭-‬ ‭Pay less by using more‬

‭ .2: Understand resources for billing, budget, and cost‬

4
‭management‬
‭-‬ B ‭ illing, budget, and cost management resources: AWS Budgets, AWS Cost‬
‭Explorer, AWS Billing Conductor, AWS Pricing Calculator‬
‭-‬ ‭Tools to help larger organizations manage multiple AWS accounts and their‬
‭billing: Consolidated Billing, AWS Organizations, AWS cost allocation tags‬
‭-‬ ‭Generate billing reports with AWS Cost and Usage Report (AWS CUR)‬
‭by utilizing AWS cost allocation tags effectively‬
‭-‬ ‭AWS Cost Management Resources:‬
‭https://aws.amazon.com/aws-cost-management‬

‭ .3: Identify AWS technical resources and AWS Support‬

4
‭options‬
‭-‬ ‭AWS Support Plans (‬‭source‬‭)‬
‭-‬ ‭Basic Support Plan (free): for testing out/experimenting with AWS;‬
‭great for AWS Free Tier‬
‭-‬ ‭Developer Support Plan (starts at $29): for testing/experimenting with‬
‭AWS‬
‭-‬ ‭Business Support Plan (starts at $100): minimum recommendation for‬
‭production workloads in AWS‬
‭-‬ ‭Enterprise On-Ramp Support Plan (starts at $5,500): for production‬
‭and/or business critical workloads in AWS‬
‭-‬ ‭Enterprise Support Plan (starts at ($15,000): business and/or mission‬
‭critical workloads in AWS… and A LOT of it‬
‭-‬ ‭Manage and monitor environments for cost optimization: Trusted Advisor,‬
‭AWS Health Dashboard, AWS Health API‬
‭-‬ ‭Official AWS resources‬
‭-‬ ‭AWS Whitepapers:‬‭https://aws.amazon.com/whitepapers‬
‭-‬ ‭AWS Blog:‬‭https://aws.amazon.com/blogs‬
‭-‬ ‭AWS Documentation:‬‭https://docs.aws.amazon.com‬
‭-‬ ‭AWS re:Post:‬‭https://repost.aws‬
‭-‬ ‭AWS Knowledge Center:‬‭https://repost.aws/knowledge-center‬
‭-‬ ‭AWS Partner Networks‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭9‬

 -‭ ‬ ‭ WS Marketplace:‬‭https://aws.amazon.com/marketplace‬
A
‭-‬ ‭AWS Support Plans‬
‭-‬ ‭AWS Trust and Safety Team‬
‭-‬ ‭AWS Support Center:‬‭https://aws.amazon.com/contact-us‬
‭-‬ ‭AWS Support Teams: AWS Professional Services, AWS Solutions‬
‭Architects‬

‭Resources‬
‭ emember, this is just a study guide. Make sure you utilize many resources‬
R
‭available to you to ace the exam! Good luck!‬

‭Official AWS Resources‬

‭-‬ A ‭ WS Cloud Practitioner Exam Official Exam Guide:‬
‭https://aws.amazon.com/certification/certified-cloud-practitioner/‬
‭-‬ ‭Sign up for the exam:‬‭https://www.aws.training/certification/‬
‭-‬ ‭Official courses, gamified study materials, etc:‬‭https://skillbuilder.aws/‬
‭-‬ ‭Official practice exam for AWS CLF-C02 exam:‬
‭https://explore.skillbuilder.aws/learn/course/external/view/elearning/14637/‬
‭aws-certified-cloud-practitioner-official-practice-exam-clf-c02-english‬
‭-‬ ‭Official forum:‬‭https://repost.aws/‬
‭-‬ ‭Collection of official AWS resources, career training programs, scholarships,‬
‭and more:‬‭https://hiroko.io/aws/‬

‭Un-Official Resources‬
‭-‬ I‭ ntroduction to AWS for Non-Engineers - Video Courses (LinkedIn Learning):‬
‭https://introtoaws.com‬
‭-‬ ‭AWS for Non-Engineers - Book (Manning Publications):‬
‭https://awsfornonengineers.com‬
‭-‬ ‭Learn AWS for free (freeCodeCamp):‬
‭https://www.freecodecamp.org/news/tag/aws/‬

‭ hanks for downloading the e‬‭xtremely unofficial AWS Certified Cloud Practitioner‬
T
‭study guide‬‭! If you need to find me (Hiroko Nishimura),‬‭you can find my various‬
‭contact information/social media profiles at‬‭hirokonishimura.com‬‭,‬‭and my AWS‬
‭content at‬‭aws.hiroko.io‬‭!‬
‭Was this helpful? Leave me a tip for some coffee if you’re so inclined:‬
‭ko-fi.com/hiroko‬‭!‬

‭Hiroko Nishimura‬‭, December 2023 // download:‬‭ko-fi.com/hiroko‬ ‭10‬