Skip to main content

AWS Certified Cloud Practitioner (CLF-C01) Part 1

Introduction

The AWS Certified Cloud Practitioner (CLF-C01) exam is intended for individuals who can effectively demonstrate an overall knowledge of the AWS Cloud independent of a specific job role. The exam validates a candidate’s ability to complete the following tasks:

  • Explain the value of the AWS Cloud
  • Understand and explain the AWS shared responsibility model
  • Understand security best practices
  • Understand AWS Cloud costs, economics, and billing practices
  • Describe and position the core AWS services, including compute, network, databases, and storage
  • Identify AWS services for common use cases

Exam Content

Response types

There are two types of questions on the exam:

  • Multiple choice: Has one correct response and three incorrect responses.
  • Multiple response: Has two or more correct responses out of five or more response options.

Unanswered questions are scored as incorrect; there is no penalty for guessing. The exam includes 50 questions that will affect your score.

Unscoped content

The exam includes 15 unscored questions that do not affect your score. AWS collects information about candidate performance on these unscored questions to evaluate these questions for future use as scored questions. These unscored questions are not identified on the exam.

Exam results

The AWS Certified Cloud Practitioner exam is a pass or fail exam. The exam is scored against a minimum standard established by AWS professionals who follow certification industry best practices and guidelines.

Your results for the exam are reported as a scaled score of 100–1,000. The minimum passing score is 700. Your score shows how you performed on the exam as a whole and whether or not you passed. Scaled scoring models help equate scores across multiple exam forms that might have slightly different difficulty levels.

Your score report may contain a table of classifications of your performance at each section level. This information is intended to provide general feedback about your exam performance. The exam uses a compensatory scoring model, which means that you do not need to achieve a passing score in each section. You need to pass only the overall exam.

Each section of the exam has a specific weighting, so some sections have more questions than others. The table contains general information that highlights your strengths and weaknesses. Use caution when interpreting section-level feedback. Passing candidates will not receive this additional information.

alt text

Exam Content

Domain 1: Cloud Scope

1.1 Define the AWS Cloud and its value proposition

Amazon Web Services (AWS) is a comprehensive, evolving cloud computing platform provided by Amazon. It offers a vast collection of on-demand cloud services, including compute power, storage, databases, networking, analytics, machine learning, and more. These services are available to individuals, businesses, and governments, allowing them to build and run applications and store data without managing their own physical infrastructure.

AWS Value Proposition:

AWS offers a compelling value proposition centered around enabling innovation, agility, and cost efficiency. It empowers users to:

  • Innovate faster: Quickly experiment with new technologies and deploy applications without upfront infrastructure investments.
  • Increase agility: Respond rapidly to changing business needs by scaling resources up or down on demand.
  • Reduce costs: Pay only for the resources used, eliminating the need for capital expenditures on hardware and software.

1.2 Define the benefits of the AWS cloud including:

Benefits of the AWS Cloud:
  1. Security: AWS provides a robust security infrastructure with features like identity and access management (IAM), data encryption, security groups, and compliance certifications. Users benefit from a shared responsibility model where AWS manages the security of the cloud, while users are responsible for security in the cloud
  2. Reliability: AWS data centers are designed for high availability and fault tolerance, with redundant power, networking, and cooling systems.
  3. High Availability: Services like Elastic Load Balancing and Auto Scaling ensure applications remain available even during failures or traffic spikes. Multi-Availability Zone deployments provide resilience against regional outages.
  4. Elasticity: Easily scale resources up or down on demand based on application needs. This eliminates the need to over-provision resources for peak loads.
  5. Agility: Rapidly provision and deploy resources, enabling faster development cycles and quicker time to market.
  6. Pay-as-you-go Pricing: Pay only for the resources consumed, with no long-term contracts or upfront commitments.
  7. Scalability: Scale applications from small prototypes to massive deployments, leveraging AWS's vast global infrastructure.
  8. Global Reach: Access a global network of data centers and edge locations, allowing you to deploy applications closer to your users worldwide.
  9. Economy of Scale: Benefit from AWS's massive scale, which translates to lower costs for users.

1.3 How AWS Allows Users to Focus on Business Value:

AWS frees users from the burden of managing physical infrastructure, allowing them to shift their technical resources to revenue-generating activities. Instead of spending time on tasks like server maintenance, network configuration, and capacity planning, teams can focus on:

  • Developing new features and products: Accelerate innovation and bring new offerings to market faster.
  • Improving existing applications: Enhance performance, scalability, and reliability.
  • Analyzing data and gaining insights: Leverage AWS's analytics services to understand customer behavior and make better business decisions.
  • Automating processes: Reduce manual effort and improve operational efficiency.

By offloading infrastructure management to AWS, businesses can reduce operational costs, improve agility, and focus their resources on activities that directly contribute to their bottom line. This shift from managing infrastructure to driving innovation is a core benefit of cloud computing and a key driver of AWS's value proposition.

1.4 Aspects of AWS Cloud Economics:

AWS Cloud economics involves understanding the various costs and benefits associated with using cloud services. It's a crucial aspect of cloud adoption, as it helps organizations make informed decisions about migrating to the cloud and optimizing their cloud spending.

Items in a Total Cost of Ownership (TCO) Proposal for AWS:

A TCO proposal compares the total cost of running applications on-premises versus in the AWS cloud. It should include the following items:

On-Premises Costs:
  • Capital Expenses (CapEx): Servers, networking hardware, storage devices, backup systems, software licenses, data center space, power and cooling infrastructure. These are upfront investments.
  • Operational Expenses (OpEx): Hardware maintenance, software updates, electricity, cooling, network bandwidth, IT staff salaries, security management, compliance audits. These are recurring costs.
  • Labor Costs: System administrators, network engineers, database administrators, security specialists, and other IT personnel required to manage the on-premises infrastructure.
  • Software Licensing Costs: Licenses for operating systems, databases, middleware, and other software.
AWS Cloud Costs:
  • Compute Costs: EC2 instances, Lambda functions, ECS/EKS container services.
  • Storage Costs: S3, EBS, Glacier.
  • Database Costs: RDS, DynamoDB, Aurora.
  • Networking Costs: Data transfer, VPC, Elastic Load Balancing.
  • Management and Monitoring Costs: CloudWatch, CloudTrail.
  • Support Costs: AWS Support plans.
Understanding the Roles of OpEx and CapEx:
  1. OpEx (Operational Expenses): Cloud computing shifts most IT spending from CapEx to OpEx. You pay for services as you use them, avoiding large upfront investments. This can improve cash flow and make budgeting more predictable.
  2. CapEx (Capital Expenses): With AWS, CapEx is significantly reduced or eliminated for most use cases. You don't need to purchase and maintain your own hardware.
Labor Costs and Software Licensing:
  1. Labor Costs: Migrating to AWS can reduce labor costs associated with managing infrastructure. AWS handles many operational tasks, freeing up your IT staff to focus on higher-value activities.
  2. Software Licensing Costs: Moving to the cloud can impact software licensing costs in several ways. Some software vendors offer pay-as-you-go licensing models in the cloud. In other cases, you might be able to use open-source software or AWS-managed services, reducing licensing costs. However, some software licenses may not be transferable to the cloud, so careful evaluation is needed.
Operations that Reduce Costs in the Cloud:
  1. Right-sized Infrastructure: AWS allows you to choose the optimal size and type of resources for your applications, avoiding over-provisioning and waste. You pay only for what you need.
  2. Automation: AWS provides extensive automation capabilities, reducing manual effort and associated labor costs. Tools like CloudFormation and AWS Systems Manager automate infrastructure provisioning and management.
  3. Reduced Compliance Scope: AWS handles many aspects of compliance, reducing the burden on your organization. For example, AWS data centers comply with various security and industry standards.
  4. Managed Services: AWS offers a wide range of managed services (RDS, ECS, EKS, DynamoDB, etc.) where AWS takes care of the underlying infrastructure, including patching, backups, and scaling. This significantly reduces operational overhead and associated costs.

Domain 2: Security and Compliance

Define the AWS shared responsibility model

The AWS Shared Responsibility Model defines the security responsibilities between AWS and the customer. It clarifies who is responsible for which aspects of security in the cloud. The core principle is:

  1. AWS is responsible for security of the cloud: This means the physical infrastructure underlying the AWS cloud, including the hardware, software, networking, and physical data centers.
  2. Customers are responsible for security in the cloud: This means the resources and data that customers bring to the AWS cloud, including the operating system, applications, and data.
Elements of the Shared Responsibility Model:

The shared responsibility model can be visualized as layers:

  • Global Infrastructure (AWS Responsibility): Regions, Availability Zones, edge locations, physical security of data centers.
  • Compute, Storage, Networking, Database (Shared Responsibility): The configuration of these services is shared. AWS is responsible for the underlying infrastructure, while customers are responsible for configuring security settings within these services (e.g., security groups, access control lists).
  • Operating System, Middleware, Runtime, Data, Applications (Customer Responsibility): Securing the operating system, applications, and data running on AWS services is the customer's responsibility.
Customer's Responsibilities on AWS:

The customer's responsibilities include:

  • Platform Management: Patching operating systems, configuring firewalls, and managing security software on EC2 instances.
  • Application Security: Secure coding practices, vulnerability scanning, and penetration testing of applications.
  • Data Protection: Encrypting data at rest and in transit, managing access control to data.
  • Identity and Access Management (IAM): Configuring user accounts, roles, and policies to control access to AWS resources.
  • Network Security: Configuring security groups and network access control lists (NACLs).
  • Compliance: Meeting industry-specific regulatory requirements (e.g., HIPAA, PCI DSS).
Shifting Responsibilities Based on Service Used:

The level of customer responsibility varies depending on the service used. Here are some examples:

  • EC2 (Compute): Customers have full control over the operating system and applications running on EC2 instances, so they have significant security responsibilities.
  • RDS (Relational Database Service): AWS manages the underlying database infrastructure (patching, backups, etc.), but customers are responsible for configuring database security settings, such as user accounts and access privileges.
  • Lambda (Serverless Compute): Customers are responsible for the code they deploy to Lambda functions, but AWS manages the underlying infrastructure and operating system.
  • S3 (Object Storage): Customers configure access control lists (ACLs) and bucket policies to control access to their data stored in S3. AWS manages the underlying storage infrastructure.
Define AWS Cloud security and compliance concepts

AWS Cloud security refers to the policies, technologies, and controls that protect data, applications, and infrastructure running on AWS. Compliance, on the other hand, means adhering to specific industry standards, regulations, and legal frameworks that govern data security and privacy.