| Latest revision |
Your text |
| Line 1: |
Line 1: |
| − | * https://d1.awsstatic.com/training-and-certification/Docs%20-%20Cloud%20Practitioner/AWS%20Certified%20Cloud%20Practitioner_Exam_Guide_v1.4_FINAL.PDF
| + | : https://d1.awsstatic.com/training-and-certification/Docs%20-%20Cloud%20Practitioner/AWS%20Certified%20Cloud%20Practitioner_Exam_Guide_v1.4_FINAL.PDF |
| | | | |
| − | * https://d1.awsstatic.com/training-and-certification/docs-cloud-practitioner/AWS-Certified-Cloud-Practitioner_Sample-Questions.pdf
| |
| | | | |
| − | ==Domain 1: Cloud Concepts==
| |
| − | ===1.1 Define the AWS Cloud and its value proposition===
| |
| − | Define the benefits of the AWS cloud including:
| |
| − | * [[Security]]
| |
| − | * [[Reliability]]
| |
| − | * [[High Availability]]
| |
| − | * [[Elasticity]]
| |
| − | * [[Agility]]
| |
| − | * [[Pay-as-you go pricing]]
| |
| − | * [[Scalability]]
| |
| − | * [[Global Reach]]
| |
| − | * [[Economy of scale]]
| |
| − |
| |
| − | Explain how the AWS cloud allows users to focus on business value
| |
| − | * Shifting technical resources to revenue-generating activities as opposed to managing
| |
| − | infrastructure
| |
| − |
| |
| − | ===1.2 Identify aspects of AWS Cloud economics===
| |
| − | Define items that would be part of a Total Cost of Ownership proposal
| |
| − |
| |
| − | * Understand the role of operational expenses ([[OpEx]])
| |
| − | * Understand the role of capital expenses ([[CapEx]])
| |
| − | * Understand labor costs associated with on-premises operations
| |
| − | * Understand the impact of software licensing costs when moving to the cloud
| |
| − |
| |
| − | Identify which operations will reduce costs by moving to the cloud:
| |
| − | * Right-sized infrastructure
| |
| − | * Benefits of automation
| |
| − | * Reduce compliance scope (for example, reporting)
| |
| − | * Managed services (for example, [[RDS]], [[ECS]], [[EKS]], [[DynamoDB]])
| |
| − |
| |
| − | ===1.3 Explain the different cloud architecture design principles===
| |
| − | Explain the design principles:
| |
| − |
| |
| − | * Design for failure
| |
| − | * Decouple components versus monolithic architecture
| |
| − | * Implement elasticity in the cloud versus [[on-premises]]
| |
| − | * Think parallel
| |
| − |
| |
| − | ==Domain 2: Security and Compliance==
| |
| − | ===2.1 Define the AWS shared responsibility model===
| |
| − | Recognize the elements of the Shared Responsibility Model
| |
| − | Describe the customer’s responsibility on [[AWS]]
| |
| − |
| |
| − | * Describe how the customer’s responsibilities may shift depending on the service used
| |
| − | (for example with [[RDS]], [[Lambda]], or [[EC2]])
| |
| − |
| |
| − | * Describe AWS responsibilities
| |
| − |
| |
| − | ===2.2 Define AWS Cloud security and compliance concepts===
| |
| − | Identify where to find AWS compliance information:
| |
| − | *Locations of lists of recognized available compliance controls (for example, [[HIPPA]],
| |
| − | [[SOCs]])
| |
| − | * Recognize that compliance requirements vary among AWS services
| |
| − |
| |
| − | At a high level, describe how customers achieve compliance on AWS
| |
| − | * Identify different [[encryption]] options on AWS (for example, [[In transit]], [[At rest]])
| |
| − |
| |
| − | Describe who enables encryption on AWS for a given service
| |
| − |
| |
| − | Recognize there are services that will aid in auditing and reporting
| |
| − | * Recognize that logs exist for auditing and monitoring (do not have to understand the
| |
| − | logs)
| |
| − | * Define [[Amazon CloudWatch]], [[AWS Config]], and [[AWS CloudTrail]]
| |
| − | Explain the concept of least privileged access
| |
| − |
| |
| − | ===2.3 Identify AWS access management capabilities===
| |
| − | Understand the purpose of User and Identity Management:
| |
| − | * Access keys and password policies (rotation, complexity)
| |
| − | * [[Multi-Factor Authentication]] (MFA)
| |
| − | * [[AWS Identity and Access Management]] (IAM)
| |
| − | ** [[Groups]]/[[users]]
| |
| − | ** [[Roles]]
| |
| − | ** [[Policies]], managed policies compared to custom policies
| |
| − | * Tasks that require use of root accounts
| |
| − |
| |
| − | Protection of root accounts
| |
| − |
| |
| − | ===2.4 Identify resources for security support===
| |
| − | Recognize there are different network security capabilities:
| |
| − | *Native [[AWS services]] (for example, [[security groups]], [[Network ACLs]], [[AWS WAF]])
| |
| − | * 3
| |
| − | rd party security products from the [[AWS Marketplace]]
| |
| − | * Recognize there is documentation and where to find it (for example, best practices,
| |
| − | whitepapers, official documents)
| |
| − | * AWS Knowledge Center, Security Center, security forum, and security blogs
| |
| − | * [[Partner Systems Integrators]]
| |
| − |
| |
| − | Know that security checks are a component of [[AWS Trusted Advisor]]
| |
| − |
| |
| − | ==Domain 3: Technology==
| |
| − | ===3.1 Define methods of deploying and operating in the AWS Cloud===
| |
| − | Identify at a high level different ways of provisioning and operating in the AWS cloud:
| |
| − | * Programmatic access, [[APIs]], [[SDKs]], [[AWS Management Console]], [[CLI]], [[Infrastructure as Code]]
| |
| − |
| |
| − | Identify different types of cloud deployment models:
| |
| − | * All in with cloud/cloud native
| |
| − | * [[Hybrid]]
| |
| − | * [[On-premises]]
| |
| − |
| |
| − | Identify connectivity options:
| |
| − | * [[VPN]]
| |
| − | * [[AWS Direct Connect]]
| |
| − | * Public internet
| |
| − |
| |
| − | ===3.2 Define the AWS global infrastructure===
| |
| − | Describe the relationships among [[Regions]], [[Availability Zones]], and [[Edge Locations]].
| |
| − |
| |
| − | Describe how to achieve high availability through the use of multiple Availability Zones:
| |
| − | * Recall that high availability is achieved by using multiple [[Availability Zones]]
| |
| − | * Recognize that Availability Zones do not share single points of failure
| |
| − |
| |
| − | Describe when to consider the use of multiple AWS Regions:
| |
| − | * [[Disaster recovery]]/business continuity
| |
| − | * [[Low latency]] for end-users
| |
| − | * [[Data sovereignty]]
| |
| − |
| |
| − | Describe at a high level the benefits of Edge Locations:
| |
| − | * [[Amazon CloudFront]]
| |
| − | * [[AWS Global Accelerator]]
| |
| − |
| |
| − | ===3.3 Identify the core AWS services===
| |
| − | Describe the categories of services on AWS (compute, storage, network, database).
| |
| − |
| |
| − | Identify AWS compute services:
| |
| − | * Recognize there are different compute families
| |
| − | * Recognize the different services that provide compute (for example, [[AWS Lambda ]]
| |
| − | compared to Amazon Elastic Container Service (Amazon [[ECS]]), or Amazon [[EC2]], etc.)
| |
| − | * Recognize that elasticity is achieved through [[Auto Scaling]]
| |
| − | * Identify the purpose of load balancers
| |
| − |
| |
| − | Identify different AWS storage services:
| |
| − | * Describe [[Amazon S3]]
| |
| − | * Describe [[Amazon Elastic Block Store]] (Amazon EBS)
| |
| − | * Describe [[Amazon S3 Glacier]]
| |
| − | * Describe [[AWS Snowball]]
| |
| − | * Describe [[Amazon Elastic File System]] (Amazon EFS)
| |
| − | * Describe [[AWS Storage Gateway]]
| |
| − |
| |
| − | Identify AWS networking services:
| |
| − | * Identify [[VPC]]
| |
| − | * Identify [[security groups]]
| |
| − | * Identify the purpose of [[Amazon Route 53]]
| |
| − | * Identify [[VPN]], [[AWS Direct Connect]]
| |
| − |
| |
| − | Identify different AWS database services:
| |
| − | * Install databases on Amazon EC2 compared to AWS managed database
| |
| − |
| |
| − | == See also ==
| |
| − | * {{AWS}}
| |
| − | * {{Certifications}}
| |
| | | | |
| | [[Category:Certifications]] | | [[Category:Certifications]] |
| − | [[Category:AWS]]
| |
