Free Practice Questions for AWS Certified Cloud Practitioner (CLF-C02) Certification

Knowledge of: • Value proposition of the AWS Cloud

Skills in: • Understanding the benefits of global infrastructure (for example, speed of deployment, global reach) • Understanding the advantages of high availability, elasticity, and agility

Knowledge of: • AWS Well-Architected Framework

Skills in: • Understanding the pillars of the Well-Architected Framework (for example, operational excellence, security, reliability, performance efficiency, cost optimization, sustainability) • Identifying differences between the pillars of the Well-Architected Framework

Knowledge of: • Cloud adoption strategies • Resources to support the cloud migration journey

Skills in: • Understanding the components of the AWS Cloud Adoption Framework (AWS CAF) (for example, reduced business risk; improved environmental, social, and governance [ESG] performance; increased revenue; increased operational efficiency) • Identifying appropriate migration strategies (for example, database replication, use of AWS Snowball)

Knowledge of: • Aspects of cloud economics • Cost savings of moving to the cloud

Skills in: • Understanding the role of fixed costs compared with variable costs • Understanding costs that are associated with on-premises environments • Understanding the differences between licensing strategies (for example, Bring Your Own License [BYOL] model compared with included licenses) • Understanding the concept of rightsizing • Identifying benefits of automation • Understanding the economies of scale (for example, cost savings)

Knowledge of: • AWS shared responsibility model

Skills in: • Recognizing the components of the AWS shared responsibility model • Describing the customer's responsibilities on AWS • Describing AWS responsibilities • Describing responsibilities that the customer and AWS share • Describing how AWS responsibilities and customer responsibilities can shift, depending on the service used (for example, Amazon RDS, AWS Lambda, Amazon EC2)

Knowledge of: • AWS compliance and governance concepts • Benefits of cloud security (for example, encryption) • Where to capture and locate logs that are associated with cloud security

Skills in: • Identifying where to find AWS compliance information (for example, AWS Artifact) • Understanding compliance needs among geographic locations or industries (for example, AWS compliance) • Describing how customers secure resources on AWS (for example, Amazon Inspector, AWS Security Hub, Amazon GuardDuty, AWS Shield) • Identifying encryption options (for example, encryption in transit, encryption at rest) • Recognizing services that aid in governance and compliance (for example, monitoring with Amazon CloudWatch; auditing with AWS CloudTrail, AWS Audit Manager, and AWS Config; reporting with access reports) • Recognizing compliance requirements that vary among AWS services

Knowledge of: • Identity and access management (for example, AWS Identity and Access Management [IAM]) • Importance of protecting the AWS root user account • Principle of least privilege • AWS IAM Identity Center (AWS Single Sign-On)

Skills in: • Understanding access keys, password policies, and credential storage (for example, AWS Secrets Manager, AWS Systems Manager) • Identifying authentication methods in AWS (for example, multi-factor authentication [MFA], IAM Identity Center, cross-account IAM roles) • Defining groups, users, custom policies, and managed policies in compliance with the principle of least privilege • Identifying tasks that only the account root user can perform • Understanding which methods can achieve root user protection • Understanding the types of identity management (for example, federated)

Knowledge of: • Security capabilities that AWS provides • Security-related documentation that AWS provides

Skills in: • Describing AWS security features and services (for example, AWS WAF, AWS Firewall Manager, AWS Shield, Amazon GuardDuty) • Understanding that third-party security products are available from AWS Marketplace • Identifying where AWS security information is available (for example, AWS Knowledge Center, AWS Security Center, AWS Security Blog) • Understanding the use of AWS services for identifying security issues (for example, AWS Trusted Advisor)

Knowledge of: • Various ways of provisioning and operating in the AWS Cloud • Various ways to access AWS services • Types of cloud deployment models

Skills in: • Deciding between options such as programmatic access (for example, APIs, SDKs, CLI), the AWS Management Console, and infrastructure as code (IaC) • Evaluating requirements to determine whether to use one-time operations or repeatable processes • Identifying deployment models (for example, cloud, hybrid, on-premises)

Knowledge of: • AWS Regions, Availability Zones, and edge locations • High availability • Use of multiple Regions • Benefits of edge locations

Skills in: • Describing relationships among Regions, Availability Zones, and edge locations • Describing how to achieve high availability by using multiple Availability Zones • Recognizing that Availability Zones do not share single points of failure • Describing when to use multiple Regions (for example, disaster recovery, business continuity, low latency for end users, data sovereignty)

Knowledge of: • AWS compute services

Skills in: • Recognizing the appropriate use of various Amazon EC2 instance types (for example, compute optimized, storage optimized) • Recognizing the appropriate use of various container options (for example, Amazon Elastic Container Service [Amazon ECS], Amazon Elastic Kubernetes Service [Amazon EKS]) • Recognizing the appropriate use of various serverless compute options (for example, AWS Fargate, AWS Lambda) • Recognizing that auto scaling provides elasticity • Identifying the purposes of load balancers

Knowledge of: • AWS database services • Database migration

Skills in: • Deciding when to use EC2 hosted databases or AWS managed databases • Identifying relational databases (for example, Amazon RDS, Amazon Aurora) • Identifying NoSQL databases (for example, Amazon DynamoDB) • Identifying memory-based databases (for example, Amazon ElastiCache) • Identifying database migration tools (for example AWS Database Migration Service [AWS DMS], AWS Schema Conversion Tool [AWS SCT])

Knowledge of: • AWS network services

Skills in: • Identifying the components of a VPC (for example, subnets, gateways) • Understanding security in a VPC (for example, network ACLs, security groups, Amazon Inspector) • Understanding the purpose of Amazon Route 53 • Identifying network connectivity options to AWS (for example AWS VPN, AWS Direct Connect)

Knowledge of: • AWS storage services

Skills in: • Identifying the uses for object storage • Recognizing the differences in Amazon S3 storage classes • Identifying block storage solutions (for example, Amazon Elastic Block Store [Amazon EBS], instance store) • Identifying file services (for example, Amazon Elastic File System [Amazon EFS], Amazon FSx) • Identifying cached file systems (for example, AWS Storage Gateway) • Understanding use cases for lifecycle policies • Understanding use cases for AWS Backup

Knowledge of: • AWS AI/ML services • AWS analytics services

Skills in: • Understanding AI/ML services and the tasks that they accomplish (for example, Amazon SageMaker AI, Amazon Lex, Amazon Kendra) • Identifying the services for data analytics (for example, Amazon Athena, Amazon Kinesis, AWS Glue, Amazon QuickSight)

Knowledge of: • Application integration services of Amazon EventBridge, Amazon Simple Notification Service (Amazon SNS), and Amazon Simple Queue Service (Amazon SQS) • Business application services of Amazon Connect and Amazon Simple Email Service (Amazon SES) • Customer enablement services (for example, AWS Support) • Developer tool services and capabilities (for example, AWS CodeBuild, AWS CodePipeline, and AWS X-Ray) • End-user computing services of Amazon AppStream 2.0, Amazon WorkSpaces, and Amazon WorkSpaces Secure Browser • Frontend web and mobile services of AWS Amplify and AWS AppSync • IoT services (for example, AWS IoT Core)

Skills in: • Choosing the appropriate service to deliver messages and to send alerts and notifications • Choosing the appropriate service to meet business application needs • Choosing the appropriate option for business support assistance • Identifying the tools to develop, deploy, and troubleshoot applications • Identifying the services that can present the output of virtual machines (VMs) on end-user machines • Identifying the services that can create and deploy frontend and mobile services • Identifying the services that manage IoT devices

Knowledge of: • Compute purchasing options (for example, On-Demand Instances, Reserved Instances, Spot Instances, AWS Savings Plans, Dedicated Hosts, Dedicated Instances, Capacity Reservations) • Storage options and tiers

Skills in: • Identifying when to use various compute purchasing options • Describing Reserved Instance flexibility • Describing Reserved Instance behavior in AWS Organizations • Understanding incoming data transfer costs and outgoing data transfer costs (for example, from one AWS Region to another Region, within the same Region) • Understanding pricing options for various storage options and tiers

Knowledge of: • Billing support and information • Pricing information for AWS services • AWS Organizations • AWS cost allocation tags

Skills in: • Understanding the appropriate uses and capabilities of AWS Budgets, and AWS Cost Explorer • Understanding the appropriate uses and capabilities of AWS Pricing Calculator • Understanding AWS Organizations consolidated billing and allocation of costs • Understanding various types of cost allocation tags and their relation to billing reports (for example, AWS Cost and Usage Report)

Knowledge of: • Resources and documentation available on official AWS websites • AWS Support plans • Role of the AWS Partner Network, including independent software vendors and system integrators • AWS Support Center

Skills in: • Locating AWS whitepapers, blogs, and documentation on official AWS websites • Identifying and locating AWS technical resources (for example AWS Prescriptive Guidance, AWS Knowledge Center, AWS re:Post) • Identifying AWS Support options for AWS customers (for example, customer service and communities, AWS Developer Support, AWS Business Support, AWS Enterprise On-Ramp Support, AWS Enterprise Support) • Identifying the role of AWS Trusted Advisor, AWS Health Dashboard, and the AWS Health API to help manage and monitor environments for cost optimization • Identifying the role of the AWS Trust and Safety team to report abuse of AWS resources • Understanding the role of AWS Partners (for example AWS Marketplace, independent software vendors, system integrators) • Identifying the benefits of being an AWS Partner (for example, partner training and certification, partner events, partner volume discounts) • Identifying the key services that AWS Marketplace offers (for example, cost management, governance and entitlement) • Identifying technical assistance options available at AWS (for example, AWS Professional Services, AWS Solutions Architects)