Back to All Certifications
AWS Certified Cloud Practitioner logo
Amazon Web Services

AWS Certified Cloud Practitioner

The AWS Certified Cloud Practitioner (CLF-C02) exam validates a candidate's overall knowledge of the AWS Cloud, independent of a specific job role. It covers AWS Cloud concepts, security and compliance, core AWS services, and cloud economics. The target audience includes individuals with up to 6 months of AWS exposure, including those from non-IT backgrounds who are early in their AWS Cloud career.

Exam Details

Duration
130 minutes
Questions
65 questions
Passing Score
70%
Format
Multiple choice and multiple response

What This Exam Really Tests

The AWS Cloud Practitioner fundamentally tests whether you can think like a cloud business stakeholder, not a technician — evaluating your ability to match AWS services to business problems, justify cloud adoption in economic terms, and understand who is responsible for what in a shared security model. It assesses conceptual fluency over hands-on skill, meaning you need to know WHAT services do and WHY you'd choose them, not HOW to configure them. The exam is essentially a litmus test for whether you can participate intelligently in cloud strategy conversations across business, security, and technical teams.

Key Success Factors

  • The Shared Responsibility Model is the spine of the entire exam — nearly every security question is a variation of 'is this AWS's job or the customer's job?', so internalize the line between managed infrastructure (AWS) and data/identity/application configuration (you) until it becomes instinct.
  • Service recognition over service mastery is what's being tested — you need to know that Amazon RDS is a managed relational database and when you'd choose it over DynamoDB, but you will never be asked to write a query or configure a subnet; the exam rewards breadth of awareness, not depth of implementation.
  • Cloud economics questions are deceptively conceptual — the exam tests whether you understand WHY cloud saves money (elasticity, no upfront CapEx, pay-as-you-go) and which pricing tools like Cost Explorer, Budgets, and Savings Plans address which problems, making this a 'business case' exam as much as a technical one.

Common Pitfalls to Avoid

  • Candidates from IT backgrounds over-index on technical configuration details and get tripped up by distractor answers that are technically plausible but wrong because they describe the customer managing something AWS actually manages for you — the exam punishes the instinct to 'do it yourself' when a managed service exists.
  • Underestimating the Security and Compliance domain because it sounds straightforward — this 30% section requires precise knowledge of specific tools like AWS Shield vs. WAF vs. GuardDuty vs. Inspector, and candidates who lump these together as 'security services' will consistently choose the second-best answer on scenario questions.
💡

Approach every question as a cloud-fluent business advisor asking 'which AWS-managed option solves this problem with the least operational burden and cost, while keeping the customer responsible only for what they must control' — not as an engineer trying to build the most technically complete solution.

Exam Domains

Cloud Concepts

24%

This domain tests your ability to articulate the 'why' of cloud adoption rather than the 'how.' Questions frequently present business scenarios asking you to identify which cloud benefit (agility, elasticity, economies of scale, etc.) applies, so memorize the Six Advantages of Cloud Computing from AWS documentation verbatim. Migration strategies like the 6 R's (Rehost, Replatform, Refactor, Repurchase, Retire, Retain) are high-yield topics that appear regularly in scenario-based questions.

Six Advantages of Cloud Computing and their real-world applicationsAWS Well-Architected Framework six pillars and their design principlesCloud migration strategies (6 R's) and when to apply eachCapEx vs OpEx trade-offs and Total Cost of Ownership (TCO) concepts

💡 Many candidates underestimate this domain because it seems conceptual, but confusing similar terms like 'elasticity' vs 'scalability' or misidentifying the correct migration strategy for a scenario are the most common traps. Study AWS's exact terminology, not paraphrased definitions.

Practice this domain's questions

Security and Compliance

30%

As the highest-weighted domain at 30%, Security and Compliance demands the most preparation time and rewards precision over general understanding. The Shared Responsibility Model is the cornerstone topic — nearly every security question can be framed around 'who is responsible,' so practice categorizing dozens of specific services and configurations as either AWS's or the customer's responsibility. IAM concepts including users, groups, roles, and policies with least-privilege principles are tested deeply and practically.

Shared Responsibility Model applied to specific services (EC2 vs RDS vs Lambda vs S3)IAM components: users, groups, roles, policies, MFA, and root account best practicesAWS compliance programs, artifact, and how to assess regulatory alignmentSecurity services: AWS Shield, WAF, GuardDuty, Inspector, Macie, Security Hub, and CloudTrail

💡 The most common pitfall is misapplying the Shared Responsibility Model to managed services like RDS or Lambda, where AWS takes on more responsibility than in EC2. Also, candidates often confuse the functions of overlapping security services — create a comparison table for GuardDuty, Inspector, Macie, and Shield to keep them distinct.

Practice this domain's questions

Cloud Technology and Services

34%

The largest domain at 34% is essentially a broad AWS service catalog quiz, requiring you to know the purpose and primary use case of dozens of AWS services without needing deep technical implementation knowledge. Focus on knowing which service solves which problem rather than configuration details — the exam tests service selection, not service administration. AI/ML and analytics services are increasingly emphasized in recent exam versions, so don't neglect SageMaker, Rekognition, Comprehend, Athena, and Glue.

Core compute options: EC2, Lambda, ECS, EKS, Elastic Beanstalk, and when to use eachStorage differentiation: S3, EBS, EFS, S3 Glacier, and their appropriate use casesDatabase service selection: RDS, DynamoDB, Aurora, Redshift, ElastiCache by use caseGlobal infrastructure: Regions, Availability Zones, Edge Locations, and how services leverage themAI/ML and analytics services: SageMaker, Rekognition, Athena, Kinesis, and QuickSight

💡 The breadth of this domain is its primary challenge — there are over 200 AWS services, but focus only on in-scope services listed in the exam guide. The highest-risk pitfall is confusing similar services: SQS vs SNS vs EventBridge, or EBS vs EFS vs S3. Build a one-line 'this service does X' reference sheet for every in-scope service.

Practice this domain's questions

Billing, Pricing, and Support

12%

At only 12% weight this domain is the smallest, but it is highly learnable and should be treated as 'free points' with focused preparation. AWS pricing models have specific rules — Reserved Instances offer up to 72% savings with 1 or 3-year commitments, Spot Instances can be interrupted, and Savings Plans offer flexible discounts — and the exam tests these distinctions precisely. Know the AWS Support plan tiers (Basic, Developer, Business, Enterprise On-Ramp, Enterprise) cold, especially response times and features that differentiate Business from Enterprise.

EC2 pricing models: On-Demand, Reserved, Spot, Dedicated Hosts, and Savings Plans with their trade-offsAWS Support plan tiers and their differentiating features (TAM, response times, Trusted Advisor checks)Cost management tools: AWS Cost Explorer, AWS Budgets, Cost and Usage Report, and Pricing CalculatorS3 and data transfer pricing principles including free inbound data transfer

💡 Candidates often mix up AWS Pricing Calculator (estimates future costs) with AWS Cost Explorer (analyzes past/current costs) and AWS Budgets (sets alerts). Also, Trusted Advisor's full set of checks is only available on Business and above — this specific fact appears on the exam regularly and is frequently missed.

Practice this domain's questions

Pass the AWS Cloud Practitioner Exam with AI-Driven Precision Practice

CertForge maps every practice question to all 4 CLF-C02 domains, so you study smarter and pass faster.

Domain-Mapped Question Bank

AI-generated questions target all 4 CLF-C02 domains, ensuring balanced coverage of Cloud Concepts, Security, Technology, and Billing.

AWS Service Mastery Tracking

Pinpoint exactly which AWS services like EC2, S3, or IAM are tripping you up, then drill those gaps automatically.

Adaptive Weak-Spot Training

CertForge detects your weakest CLF-C02 domains and reallocates your study time before exam day arrives.

Pass Threshold Prediction

Know your readiness before you sit the exam with a predicted score benchmarked against the 700-point passing threshold.

Why CertForge? Unlike static study guides, CertForge adapts in real time to your specific AWS knowledge gaps across all 4 exam domains.

Amazon Web Services Services Covered

This exam touches 128 Amazon Web Services services, but focuses heavily on a smaller core set.

The AWS Certified Cloud Practitioner is a breadth-first exam that rewards conceptual understanding over deep technical mastery; the Security and Compliance domain (30%) and Cloud Technology and Services domain (34%) together account for nearly two-thirds of the exam, making IAM, security services, core compute, storage, and networking services the highest-priority study targets, while the large number of awareness-level services are tested only at a recognition and use-case identification level.

Service Coverage Explained

The official in-scope list (128 services) represents all services AWS formally designates as testable for the exam, while the curriculum count (55) reflects services explicitly named within the extracted exam outline topics and objectives, which serve as stronger signals of exam frequency; CertForge may retain outline-mentioned services as approved supplemental coverage without implying they are part of the formal in-scope list.

Official exam guide: 128 in-scope services • Extracted outline/objective mentions: 55 services • Total unique: 128 services

🔥

Core Services (High Frequency)

These foundational services appear across all four exam domains and represent the most frequently tested building blocks of AWS architecture, security, and operations.

AWS Identity and Access Management (IAM)Amazon EC2Amazon S3Amazon VPCAWS CloudTrailAWS LambdaAmazon CloudWatchAmazon RDSAWS Trusted AdvisorAWS CloudFormationAWS ShieldAWS Key Management Service (KMS)
⚠️

Secondary Services (Contextual)

These services appear in scenario-based questions related to security compliance, cost management, networking, and scalable architecture decisions across the exam domains.

AWS IAM Identity CenterAmazon DynamoDBAmazon CloudFrontAmazon Route 53AWS WAFAWS OrganizationsAWS Cost ExplorerAWS BudgetsAWS ArtifactAWS ConfigAmazon GuardDutyAmazon InspectorAWS Auto ScalingAWS Direct ConnectAmazon SNSAmazon SQSAWS Support
📦

Long-Tail Services (Awareness Level)

These services represent the broad breadth of the AWS portfolio; candidates should recognize their general purpose and use cases but are unlikely to encounter deep technical questions on any single one.

Compare with Other Certifications

Select a certification to compare exam structure and domain coverage side-by-side.

Ready to Start Your Journey?

Begin your AWS Certified Cloud Practitioner preparation with CertForge's curriculum-aware learning system