AWS Certified Cloud Practitioner Exam Study Guide [CLF-C01]

AWS Certified Cloud Practitioner (AWS CCP) Certificate Exam Study Guide

AWS Certified Cloud Practitioner Prep

Preparing for the AWS Certified Cloud Practitioner (AWS CCP) exam? Don’t know where to start? This post is the AWS Certified Cloud Practitioner Certificate Study Guide (with links to each objective in the exam domain).

I have curated a detailed list of articles from AWS documentation and other blogs for each objective of the AWS Certified Cloud Practitioner (CLF-C01) exam. Please share the post within your circles so it helps them to prepare for the exam.

Courses on AWS Certified Cloud Practitioner

LinkedIn Learning [Free Trial]Preparing for the Cloud Practitioner Exam
PluralsightCloud Practitioner Learning Path [Free Trial]
UdemyAWS Practitioner Course by Zeal Vora
CourseraAWS Fundamentals Specialization

Practice Test for AWS Certified Cloud Practitioner

Whizlabs Exam QuestionsCloud Practitioner [195 Questions & 21 Labs]
Udemy Practice TestAWS Certification Exam Practice Questions
Amazon AWS-CCP e-bookAWS Cloud Practitioner Study Guide

AWS Certified Cloud Practitioner Exam Questions

AWS Certified Cloud Practitioner Exam Questions [CLF-C01]

Check out all the other AWS certificate study guides

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Domain 1: Cloud Concepts – 26%

1.1 Define the AWS Cloud and Its Value Proposition

Define the benefits of the AWS cloud including:

Explain how the AWS cloud allows users to focus on business value

o Shifting technical resources to revenue-generating activities as opposed to managing infrastructure

Cloud Computing’s value proposition | Maximize value with AWS

The business value of AWS

Business Value on AWS (Whitepaper)

1.2 Identify Aspects of AWS Cloud Economics

Define items that would be part of a Total Cost of Ownership proposal

o Understand the role of operational expenses (OpEx)

CapEx vs. OpEx

o Understand the role of capital expenses (CapEx)

Cloud, CapEx, and OpEx: Reframing the Conversation

o Understand labor costs associated with on-premises operations

Evaluate the TCO for an on-premise application system

o Understand the impact of software licensing costs when moving to the cloud

Software licensing: The blind spot in public cloud costs

Identify which operations will reduce costs by moving to the cloud

o Right-sized infrastructure

Right-Sizing in AWS

o Benefits of automation

The case for investing in cloud automation

o Reduce compliance scope (for example, reporting)

Minimize the PCI compliance burden

o Managed services (for example, RDS, ECS, EKS, DynamoDB)

AWS Managed Services

1.3 Explain the Different Cloud Architecture Design Principles

Explain the design principles

o Design for failure

Designing for Failure

o Decouple components versus monolithic architecture

What are Microservices?

How to break a monolith application into microservices?

o Implement elasticity in the cloud versus on-premises

Elasticity: AWS Well-Architected Framework

o Think parallel

Think Parallel

AWS Certified Cloud Practitioner training notes AWS-CCP

Amazon link (affiliate)

Domain 2: Security and Compliance – 25%

2.1 Define the AWS Shared Responsibility Model

Recognize the elements of the Shared Responsibility Model

Shared Responsibility Model in AWS

Describe the customer’s responsibility on AWS

o Describe how the customer’s responsibilities may shift depending on the service used (for example with RDS, Lambda, or EC2)

The customer is responsible for security in the cloud.

Lambda: The Shared Responsibility Model

Describe AWS responsibilities

AWS responsible for the security of the cloud

2.2 Define AWS Cloud Security and Compliance Concepts

Identify where to find AWS compliance information

AWS compliance programs

AWS compliance resources

o Locations of lists of recognized available compliance controls (for example, HIPPA, SOCs)

HIPAA Compliance AWS

SOC Compliance AWS

o Recognize that compliance requirements vary among AWS services

Security and Compliance in AWS

At a high level, describe how customers achieve compliance on AWS

Cloud Compliance in AWS

o Identify different encryption options on AWS (for example, In transit, At rest)

Encryption of data in transit

Encryption of data at rest

Describe who enables encryption on AWS for a given service

The importance of encryption and how AWS can help

Recognize there are services that will aid in auditing and reporting

AWS Audit Manager

o Recognize that logs exist for auditing and monitoring (do not have to understand the logs)

View HSM audit logs in CloudWatch Logs

o Define Amazon CloudWatch, AWS Config, and AWS CloudTrail

What is Amazon CloudWatch?

AWS Config

What Is AWS CloudTrail?

Explain the concept of least privileged access

Grant least privilege

2.3 Identify AWS Access Management Capabilities

Understand the purpose of User and Identity Management

o Access keys and password policies (rotation, complexity)

Managing access keys for IAM users

Setting an account password policy for IAM users

o Multi-Factor Authentication (MFA)

Using MFA in AWS

o AWS Identity and Access Management (IAM)

AWS identity & access management

• Groups/users

IAM Identities (users, user groups)

• Roles

IAM roles

• Policies, managed policies compared to custom policies

Policies & permissions in IAM

Managed policies

o Tasks that require use of root accounts

Tasks that require root user credentials

o Protection of root accounts

Best practices for securing your AWS account

2.4 Identify Resources for Security Support

Recognize there are different network security capabilities

o Native AWS services (for example, security groups, Network ACLs, AWS WAF)

Network ACLs in Amazon Virtual Private Cloud

Security groups for your VPC


o 3rd party security products from the AWS Marketplace

Security solutions in AWS Marketplace

Recognize there is documentation and where to find it (for example, best practices, whitepapers, official documents)

o AWS Knowledge Center, Security Center, security forum, and security blogs

AWS Support: Knowledge Center

AWS Security Hub

o Partner Systems Integrators

Next-Gen MSP meets Global Systems Integrator on AWS

Know that security checks are a component of AWS Trusted Advisor

AWS Trusted Advisor security check reference

Domain 3: Technology – 33%

3.1 Define Methods of Deploying and Operating in the AWS Cloud

Identify at a high-level different ways of provisioning and operating in the AWS cloud

o Programmatic access, APIs, SDKs, AWS Management Console, CLI, Infrastructure as Code

What is IAM Programmatic access?


AWS SDK for JavaScript

AWS Management Console

AWS Command Line Interface

Infrastructure as Code on AWS

Identify different types of cloud deployment models

Cloud computing deployment models

Identify connectivity options



o AWS Direct Connect

What is AWS Direct Connect?

o Public internet

Internet gateways

3.2 Define the AWS Global Infrastructure

Describe the relationships among Regions, Availability Zones, and Edge Locations

Global infrastructure regions & AZs

Regions and Zones

Describe how to achieve high availability through the use of multiple Availability Zones

o Recall that high availability is achieved by using multiple Availability Zones

High availability (Multi-AZ) for Amazon RDS

Amazon RDS Multi-AZ Deployments

o Recognize that Availability Zones do not share single points of failure

Understand your single points of failure

Describe when to consider the use of multiple AWS Regions

Multi-region application architecture

o Disaster recovery/business continuity

Disaster recovery options in the cloud

Business Continuity Plan

o Low latency for end-users

Low-latency computing with AWS Local Zones

o Data sovereignty

Embrace data sovereignty

Describe at a high level the benefits of Edge Locations

AWS for the Edge benefits

o Amazon CloudFront

Content Delivery Network (CDN)

o AWS Global Accelerator

AWS Global Accelerator

3.3 Identify the Core AWS Services

Describe the categories of services on AWS (compute, storage, network, database)

AWS cloud products

Identify AWS compute services

o Recognize there are different compute families

Amazon EC2 instance types

o Recognize the different services that provide compute (for example, AWS Lambda compared to Amazon Elastic Container Service (Amazon ECS), or Amazon EC2, etc.)

Overview of AWS Compute Services

o Recognize that elasticity is achieved through Auto Scaling

Use AutoScaling to achieve elastic computing

o Identify the purpose of load balancers

Application Load Balancer

Identify different AWS storage services

o Describe Amazon S3

Cloud object storage | Amazon Simple Storage Service (S3)

o Describe Amazon Elastic Block Store (Amazon EBS)

Amazon Elastic Block Store (Amazon EBS)

o Describe Amazon S3 Glacier

What Is Amazon S3 Glacier?

o Describe AWS Snowball

AWS Snowball

o Describe Amazon Elastic File System (Amazon EFS)

Use Amazon EFS with Amazon EC2

o Describe AWS Storage Gateway

AWS Storage Gateway

Identify AWS networking services

o Identify VPC

Identify the VPC to use

o Identify security groups

Identify the security groups to use

o Identify the purpose of Amazon Route 53

What is Amazon Route 53?

o Identify VPN, AWS Direct Connect

Identifying a Site-to-Site VPN connection

AWS Direct Connect

Identify different AWS database services

o Install databases on Amazon EC2 compared to AWS managed databases

Choose between RDS, EC2 on AWS for your DB

Amazon EC2-hosted vs. Amazon RDS

o Identify Amazon RDS

Amazon RDS DB instances

o Identify Amazon DynamoDB

What is Amazon DynamoDB?

o Identify Amazon Redshift

Getting started with Amazon Redshift

3.4 Identify Resources for Technology Support

Recognize there is documentation (best practices, whitepapers, AWS Knowledge Center, forums, blogs)

Follow security best practices

AWS whitepapers & guides

AWS knowledge center

AWS discussion forums

AWS blog

Identify the various levels and scope of AWS support

o AWS Abuse

Report abuse of AWS resources

o AWS support cases

Creating support cases

o Premium support

Announcing AWS premium support

o Technical Account Managers

Technical account management

Recognize there is a partner network (marketplace, third-party) including Independent Software Vendors and System Integrators

AWS Partner Network

AWS ISV partner path

Systems Integrators | AWS Partner Network (APN)

Identify sources of AWS technical assistance and knowledge including professional services, solution architects, training and certification, and the Amazon Partner Network

Get AWS technical support

AWS professional services

Successful solutions architects do these five things

AWS training & certification

Identify the benefits of using AWS Trusted Advisor

AWS Trusted Advisor benefits

Domain 4: Billing and Pricing – 16%

4.1 Compare and Contrast the Various Pricing Models for AWS (For Example, On-Demand Instances, Reserved Instances, and Spot Instance Pricing)

Amazon EC2 pricing

Identify scenarios/best fit for On-Demand Instance pricing

EC2 on-demand instance pricing

On-Demand Instances in Elastic Compute Cloud

Identify scenarios/best fit for Reserved-Instance pricing

Amazon EC2 Reserved Instances

Reserved instances in EC2

o Describe Reserved-Instances flexibility

Instance size flexibility for EC2 Reserved Instances

o Describe Reserved-Instances behavior in AWS Organizations

Reserved instances behavior

Identify scenarios/best fit for Spot Instance pricing

Strategies for using spot instances

4.2 Recognize the Various Account Structures in Relation to AWS Billing and Pricing

Recognize that consolidated billing is a feature of AWS Organizations

Consolidated billing for AWS Organizations

Identify how multiple accounts aid in allocating costs across departments

Cost allocation basics that you need to know

AWS cost allocation for customer bills

4.3 Identify Resources Available for Billing Support

Identify ways to get billing support and information

Get help with AWS Billing & Cost Management

o Cost Explorer, AWS Cost and Usage Report, Amazon QuickSight, third-party partners, and AWS Marketplace tools

Analyzing your costs with Cost Explorer

AWS cost & usage reports

What Is Amazon QuickSight?

Managed service partners

Solutions in AWS Marketplace

o Open a billing support case

Creating support cases

o The role of the Concierge for AWS Enterprise Support Plan customers

AWS enterprise support

Identify where to find pricing information on AWS services

o AWS Simple Monthly Calculator

AWS Simple Monthly Calculator

o AWS Services product pages

Using the products page

Cloud products

o AWS Pricing API

AWS price list API

Recognize that alarms/alerts exist

Creating a billing alarm to monitor your AWS charges

Monitor Your AWS charges with billing alerts

Identify how tags are used in cost allocation

Using cost allocation tags

This brings us to the end of the AWS Certified Cloud Practitioner (AWS CCP) [CLF-C01] Exam Preparation Study Guide.

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you about how your preparation is going on!

In case you are preparing for other AWS certification exams, check out the AWS study guides for those exams.

Get Updates on AWS Certified Cloud Practitioner

Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the AWS Certified Cloud Practitioner Guide

You may also like