Difference between revisions of "AWS Cloud Practitioner"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
Line 1: Line 1:
 
: https://d1.awsstatic.com/training-and-certification/Docs%20-%20Cloud%20Practitioner/AWS%20Certified%20Cloud%20Practitioner_Exam_Guide_v1.4_FINAL.PDF
 
: https://d1.awsstatic.com/training-and-certification/Docs%20-%20Cloud%20Practitioner/AWS%20Certified%20Cloud%20Practitioner_Exam_Guide_v1.4_FINAL.PDF
  
 +
 +
<pre>
 +
Domain 1: Cloud Concepts
 +
1.1 Define the AWS Cloud and its value proposition
 +
 Define the benefits of the AWS cloud including:
 +
o Security
 +
o Reliability
 +
o High Availability
 +
o Elasticity
 +
o Agility
 +
o Pay-as-you go pricing
 +
o Scalability
 +
o Global Reach
 +
o Economy of scale
 +
 Explain how the AWS cloud allows users to focus on business value
 +
o Shifting technical resources to revenue-generating activities as opposed to managing
 +
infrastructure
 +
1.2 Identify aspects of AWS Cloud economics
 +
 Define items that would be part of a Total Cost of Ownership proposal
 +
o Understand the role of operational expenses (OpEx)
 +
o Understand the role of capital expenses (CapEx)
 +
o Understand labor costs associated with on-premises operations
 +
o Understand the impact of software licensing costs when moving to the cloud
 +
 Identify which operations will reduce costs by moving to the cloud
 +
o Right-sized infrastructure
 +
o Benefits of automation
 +
o Reduce compliance scope (for example, reporting)
 +
o Managed services (for example, RDS, ECS, EKS, DynamoDB)
 +
1.3 Explain the different cloud architecture design principles
 +
 Explain the design principles
 +
o Design for failure
 +
o Decouple components versus monolithic architecture
 +
o Implement elasticity in the cloud versus on-premises
 +
o Think parallel
 +
Version 2.1 CLF-C01 4 | PAGE
 +
Domain 2: Security and Compliance
 +
2.1 Define the AWS shared responsibility model
 +
 Recognize the elements of the Shared Responsibility Model
 +
 Describe the customer’s responsibly on AWS
 +
o Describe how the customer’s responsibilities may shift depending on the service used
 +
(for example with RDS, Lambda, or EC2)
 +
 Describe AWS responsibilities
 +
2.2 Define AWS Cloud security and compliance concepts
 +
 Identify where to find AWS compliance information
 +
o Locations of lists of recognized available compliance controls (for example, HIPPA,
 +
SOCs)
 +
o Recognize that compliance requirements vary among AWS services
 +
 At a high level, describe how customers achieve compliance on AWS
 +
o Identify different encryption options on AWS (for example, In transit, At rest)
 +
 Describe who enables encryption on AWS for a given service
 +
 Recognize there are services that will aid in auditing and reporting
 +
o Recognize that logs exist for auditing and monitoring (do not have to understand the
 +
logs)
 +
o Define Amazon CloudWatch, AWS Config, and AWS CloudTrail
 +
 Explain the concept of least privileged access
 +
2.3 Identify AWS access management capabilities
 +
 Understand the purpose of User and Identity Management
 +
o Access keys and password policies (rotation, complexity)
 +
o Multi-Factor Authentication (MFA)
 +
o AWS Identity and Access Management (IAM)
 +
• Groups/users
 +
• Roles
 +
• Policies, managed policies compared to custom policies
 +
o Tasks that require use of root accounts
 +
Protection of root accounts
 +
2.4 Identify resources for security support
 +
 Recognize there are different network security capabilities
 +
o Native AWS services (for example, security groups, Network ACLs, AWS WAF)
 +
o 3
 +
rd party security products from the AWS Marketplace
 +
 Recognize there is documentation and where to find it (for example, best practices,
 +
whitepapers, official documents)
 +
o AWS Knowledge Center, Security Center, security forum, and security blogs
 +
o Partner Systems Integrators
 +
 Know that security checks are a component of AWS Trusted Advisor
 +
 +
Version 2.1 CLF-C01 5 | PAGE
 +
Domain 3: Technology
 +
3.1 Define methods of deploying and operating in the AWS Cloud
 +
 Identify at a high level different ways of provisioning and operating in the AWS cloud
 +
o Programmatic access, APIs, SDKs, AWS Management Console, CLI, Infrastructure as
 +
Code
 +
 Identify different types of cloud deployment models
 +
o All in with cloud/cloud native
 +
o Hybrid
 +
o On-premises
 +
 Identify connectivity options
 +
o VPN
 +
o AWS Direct Connect
 +
o Public internet
 +
3.2 Define the AWS global infrastructure
 +
 Describe the relationships among Regions, Availability Zones, and Edge Locations
 +
 Describe how to achieve high availability through the use of multiple Availability Zones
 +
o Recall that high availability is achieved by using multiple Availability Zones
 +
o Recognize that Availability Zones do not share single points of failure
 +
 Describe when to consider the use of multiple AWS Regions
 +
o Disaster recovery/business continuity
 +
o Low latency for end-users
 +
o Data sovereignty
 +
 Describe at a high level the benefits of Edge Locations
 +
o Amazon CloudFront
 +
o AWS Global Accelerator
 +
3.3 Identify the core AWS services
 +
 Describe the categories of services on AWS (compute, storage, network, database)
 +
 Identify AWS compute services
 +
o Recognize there are different compute families
 +
o Recognize the different services that provide compute (for example, AWS Lambda
 +
compared to Amazon Elastic Container Service (Amazon ECS), or Amazon EC2, etc.)
 +
o Recognize that elasticity is achieved through Auto Scaling
 +
o Identify the purpose of load balancers
 +
 Identify different AWS storage services
 +
o Describe Amazon S3
 +
o Describe Amazon Elastic Block Store (Amazon EBS)
 +
o Describe Amazon S3 Glacier
 +
o Describe AWS Snowball
 +
o Describe Amazon Elastic File System (Amazon EFS)
 +
o Describe AWS Storage Gateway
 +
 Identify AWS networking services
 +
o Identify VPC
 +
o Identify security groups
 +
o Identify the purpose of Amazon Route 53
 +
o Identify VPN, AWS Direct Connect
 +
 Identify different AWS database services
 +
o Install databases on Amazon EC2 compared to AWS managed database
 +
</pre>
  
 
== See also ==
 
== See also ==

Revision as of 13:25, 9 September 2021

https://d1.awsstatic.com/training-and-certification/Docs%20-%20Cloud%20Practitioner/AWS%20Certified%20Cloud%20Practitioner_Exam_Guide_v1.4_FINAL.PDF


Domain 1: Cloud Concepts
1.1 Define the AWS Cloud and its value proposition
 Define the benefits of the AWS cloud including:
o Security
o Reliability
o High Availability
o Elasticity
o Agility
o Pay-as-you go pricing
o Scalability
o Global Reach
o Economy of scale
 Explain how the AWS cloud allows users to focus on business value
o Shifting technical resources to revenue-generating activities as opposed to managing
infrastructure
1.2 Identify aspects of AWS Cloud economics
 Define items that would be part of a Total Cost of Ownership proposal
o Understand the role of operational expenses (OpEx)
o Understand the role of capital expenses (CapEx)
o Understand labor costs associated with on-premises operations
o Understand the impact of software licensing costs when moving to the cloud
 Identify which operations will reduce costs by moving to the cloud
o Right-sized infrastructure
o Benefits of automation
o Reduce compliance scope (for example, reporting)
o Managed services (for example, RDS, ECS, EKS, DynamoDB)
1.3 Explain the different cloud architecture design principles
 Explain the design principles
o Design for failure
o Decouple components versus monolithic architecture
o Implement elasticity in the cloud versus on-premises
o Think parallel
Version 2.1 CLF-C01 4 | PAGE
Domain 2: Security and Compliance
2.1 Define the AWS shared responsibility model
 Recognize the elements of the Shared Responsibility Model
 Describe the customer’s responsibly on AWS
o Describe how the customer’s responsibilities may shift depending on the service used
(for example with RDS, Lambda, or EC2)
 Describe AWS responsibilities
2.2 Define AWS Cloud security and compliance concepts
 Identify where to find AWS compliance information
o Locations of lists of recognized available compliance controls (for example, HIPPA,
SOCs)
o Recognize that compliance requirements vary among AWS services
 At a high level, describe how customers achieve compliance on AWS
o Identify different encryption options on AWS (for example, In transit, At rest)
 Describe who enables encryption on AWS for a given service
 Recognize there are services that will aid in auditing and reporting
o Recognize that logs exist for auditing and monitoring (do not have to understand the
logs)
o Define Amazon CloudWatch, AWS Config, and AWS CloudTrail
 Explain the concept of least privileged access
2.3 Identify AWS access management capabilities
 Understand the purpose of User and Identity Management
o Access keys and password policies (rotation, complexity)
o Multi-Factor Authentication (MFA)
o AWS Identity and Access Management (IAM)
• Groups/users
• Roles
• Policies, managed policies compared to custom policies
o Tasks that require use of root accounts
Protection of root accounts
2.4 Identify resources for security support
 Recognize there are different network security capabilities
o Native AWS services (for example, security groups, Network ACLs, AWS WAF)
o 3
rd party security products from the AWS Marketplace
 Recognize there is documentation and where to find it (for example, best practices,
whitepapers, official documents)
o AWS Knowledge Center, Security Center, security forum, and security blogs
o Partner Systems Integrators
 Know that security checks are a component of AWS Trusted Advisor
 
Version 2.1 CLF-C01 5 | PAGE
Domain 3: Technology
3.1 Define methods of deploying and operating in the AWS Cloud
 Identify at a high level different ways of provisioning and operating in the AWS cloud
o Programmatic access, APIs, SDKs, AWS Management Console, CLI, Infrastructure as
Code
 Identify different types of cloud deployment models
o All in with cloud/cloud native
o Hybrid
o On-premises
 Identify connectivity options
o VPN
o AWS Direct Connect
o Public internet
3.2 Define the AWS global infrastructure
 Describe the relationships among Regions, Availability Zones, and Edge Locations
 Describe how to achieve high availability through the use of multiple Availability Zones
o Recall that high availability is achieved by using multiple Availability Zones
o Recognize that Availability Zones do not share single points of failure
 Describe when to consider the use of multiple AWS Regions
o Disaster recovery/business continuity
o Low latency for end-users
o Data sovereignty
 Describe at a high level the benefits of Edge Locations
o Amazon CloudFront
o AWS Global Accelerator
3.3 Identify the core AWS services
 Describe the categories of services on AWS (compute, storage, network, database)
 Identify AWS compute services
o Recognize there are different compute families
o Recognize the different services that provide compute (for example, AWS Lambda
compared to Amazon Elastic Container Service (Amazon ECS), or Amazon EC2, etc.)
o Recognize that elasticity is achieved through Auto Scaling
o Identify the purpose of load balancers
 Identify different AWS storage services
o Describe Amazon S3
o Describe Amazon Elastic Block Store (Amazon EBS)
o Describe Amazon S3 Glacier
o Describe AWS Snowball
o Describe Amazon Elastic File System (Amazon EFS)
o Describe AWS Storage Gateway
 Identify AWS networking services
o Identify VPC
o Identify security groups
o Identify the purpose of Amazon Route 53
o Identify VPN, AWS Direct Connect
 Identify different AWS database services
o Install databases on Amazon EC2 compared to AWS managed database

See also

Retrieved from "https://www.wikieduonline.com/index.php?title=AWS_Cloud_Practitioner&oldid=83084"

Advertising: