The CLF-C02 fails candidates who treat it like a vocabulary test. The exam rewards those who can look at a scenario, identify which AWS service solves the problem, and explain why the alternatives don't. It is a foundational exam, not an easy one. The September 2023 overhaul expanded the service catalog significantly, added AI/ML services, and shifted 30% of the exam weight to security. Some candidates report needing 33 to 60+ hours of preparation depending on background, and the single most common mistake is underestimating the breadth of services you need to know by name, function, and use case.
TL;DR
- Exam basics: 65 questions, 90 minutes, $100 USD, passing score of 700/1000, valid for 3 years
- Biggest domain shift: Security and Compliance now accounts for 30% of the exam, up from 25% in CLF-C01
- Cloud Technology and Services (34%) is the largest domain and requires you to differentiate dozens of services by use case, not just name
- AI/ML services like SageMaker, Rekognition, and Polly are new to CLF-C02 and appear on the exam
- Some candidates report 33 to 60+ hours of total study time; those with existing cloud experience may need considerably less
- The exam tests application of concepts to business scenarios, not definitions. Knowing what a service does matters less than knowing when to choose it
- Outdated CLF-C01 study materials are a documented cause of exam failure; verify all resources were updated after September 2023
What this exam is really about
The CLF-C02 exists to validate that you understand how AWS works as a platform, not that you can configure individual services. It tests whether you can identify the right tool for a given business problem, explain why one storage class beats another for a particular workload, and articulate the security boundaries between AWS and the customer. The questions are scenario-driven: you will read about a company's requirements and pick the service or architecture that fits.
This means pure memorization of service names gets you partway, but not across the finish line. The exam designers want to know if you understand the "why" behind AWS design decisions. Why does the Shared Responsibility Model matter? Why would you choose Lambda over EC2 for a specific workload? Why is S3 Intelligent-Tiering appropriate for unpredictable access patterns? Every domain connects back to this pattern of applied reasoning.
Exam at a glance
| Item | Value |
|---|---|
| Cost | $100 USD (varies by country) |
| Duration | 90 minutes |
| Questions | 65 (multiple choice or multiple response) |
| Passing Score | 700/1000 |
| Format | Multiple choice and multiple response, scenario-based |
| Validity | 3 years |
| Testing | Online proctored (OnVUE) / Test center (Pearson VUE) |
| Retake Policy | 14 days between attempts (standard AWS policy) |
The 65 questions include both single-answer multiple choice and multiple-response questions where you select two or more correct answers. Not all 65 questions are scored; AWS includes unscored questions for future exam development, but you will not know which ones are experimental. Treat every question as if it counts.
Time pressure is moderate. At 90 minutes for 65 questions, you have roughly 83 seconds per question. Most candidates with adequate preparation report finishing with time to spare for review. The scenario-based questions tend to take longer than straightforward recall questions, so budget your time accordingly rather than assuming a uniform pace.
The CLF-C02 replaced CLF-C01 in September 2023 with significant changes. Domain weights shifted, AI/ML and serverless topics were added, and the security domain grew from 25% to 30%. Any study material published before September 2023 should be treated as potentially incomplete for the current exam version.
Who should take this exam
The CLF-C02 is designed for a broad audience: IT professionals moving into cloud roles, project managers who need to speak AWS fluently, sales and business development professionals working with AWS customers, and recent graduates entering cloud-adjacent careers. You do not need hands-on AWS experience to pass, but you do need a structured understanding of what AWS services exist and when each one applies.
If you are already working as a cloud engineer, solutions architect, or DevOps professional with daily AWS experience, you may find more career value in jumping directly to an associate-level certification like the Solutions Architect Associate (SAA-C03). The Cloud Practitioner is most valuable as a credential for non-engineering roles, as a structured entry point for career changers, or as a confidence-building first step before tackling associate-level exams. According to community data, AWS holds approximately 32% of the global cloud market share, which means AWS fluency is relevant across virtually every industry vertical.
The 4 domains and what actually gets tested
Domain 1: Cloud Concepts (24%)24%
Cloud Concepts covers the foundational principles that everything else builds on: the benefits of cloud computing, AWS global infrastructure, and two critical frameworks that candidates consistently underestimate.
The AWS Cloud Adoption Framework (CAF) is a major addition in CLF-C02. You need to know all six perspectives: Business, People, Governance, Platform, Security, and Operations. The exam does not just ask you to list them. It presents scenarios and asks which perspective applies. Similarly, the AWS Well-Architected Framework and its six pillars (Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability) are testable both as individual concepts and as design principles.
Some candidates report that the overlap between CAF and the Well-Architected Framework creates confusion on the exam. Both frameworks address security, for example, but from different angles. CAF's security perspective is about organizational readiness, while the Well-Architected Framework's security pillar is about architectural best practices. Know which framework addresses which concern.
This domain also covers the cloud value proposition. The Six Advantages of Cloud Computing appear verbatim on the exam โ memorize them: (1) trade upfront capital expense for variable expense, (2) benefit from massive economies of scale, (3) stop guessing capacity, (4) increase speed and agility, (5) stop spending money running data centers, (6) go global in minutes. The classic trap is "trade variable expense for capital expense" โ that's the reverse of the actual advantage and appears as a distractor on nearly every sitting.
CapEx vs OpEx is closely related. Traditional infrastructure is capital expenditure (large upfront cost, depreciated over time). Cloud is operational expenditure (pay-as-you-go, no upfront). Questions frame this as a business benefit of migrating to AWS.
Migration strategies โ the 7 R's โ are directly in task statement 1.3 and appear on most sittings. Rehost (lift-and-shift), Replatform (lift-tinker-and-shift), Repurchase (move to SaaS), Refactor/Re-architect (redesign for cloud), Retire (shut down), Retain (keep on-premises for now), Relocate (move to cloud with minimal change, e.g., VMware on AWS). Questions give a migration scenario and ask which strategy applies. Rehost and Refactor are the most commonly tested pair โ know the difference: Rehost touches nothing; Refactor rebuilds for cloud-native.
The weight decreased slightly from 26% (CLF-C01) to 24%, but the depth of knowledge required for the frameworks has increased. Don't mistake the lower percentage for lower difficulty.
Domain 2: Security and Compliance (30%)30%
Security and Compliance is now the heaviest domain on the exam, having grown from 25% to 30% in the CLF-C02 update. This is the domain where the exam got noticeably harder.
The Shared Responsibility Model is the single most important concept in this domain. AWS is responsible for security "of" the cloud (physical infrastructure, hypervisor, managed services), while the customer is responsible for security "in" the cloud (data, IAM configuration, OS patching on EC2, network configuration). Expect multiple questions that test the boundary between these responsibilities in specific scenarios. For example: who is responsible for patching the operating system on an EC2 instance? The customer. Who is responsible for patching the underlying hardware? AWS.
IAM (Identity and Access Management) questions go beyond basic user and group concepts. CLF-C02 emphasizes IAM roles, temporary credentials, and the principle of least privilege. Know the difference between IAM users (long-term credentials) and IAM roles (temporary credentials assumed by services or users).
You also need to know the security service roster cold. The most-tested cluster โ and the #1 gotcha on the exam โ is the GuardDuty / Inspector / Macie trio:
- Amazon GuardDuty โ threat detection across your account, analyzes VPC Flow Logs, CloudTrail, and DNS logs for suspicious behavior (crypto mining, recon, account compromise). It watches behavior.
- Amazon Inspector โ vulnerability scanning of EC2 instances, Lambda functions, and ECR container images. It scans software for CVEs and open ports.
- Amazon Macie โ uses ML to discover and classify sensitive data (PII, credit cards, SSNs) stored in S3 buckets. It examines data.
- AWS Security Hub โ aggregates findings from GuardDuty, Inspector, Macie, and third-party tools into a single security posture dashboard.
- Amazon Detective โ root-cause analysis tool for investigating security findings after the fact.
- AWS WAF โ Layer 7 web application firewall (protects against SQL injection, XSS). WAF is not DDoS protection โ that's Shield.
- AWS Shield โ DDoS protection. Standard is free and automatic for all AWS customers (Layer 3/4). Shield Advanced is paid.
- AWS KMS (Key Management Service) โ manages encryption keys. KMS keys are regional.
One more distinction the exam tests repeatedly: IAM is global (users, groups, roles, policies exist across all regions). KMS, EC2, VPC, and S3 buckets are all regional. Questions will try to trick you on this.
Security groups and Network ACLs (NACLs) are a classic comparison point. Security groups are stateful and operate at the instance level; NACLs are stateless and operate at the subnet level. Questions may describe a network filtering scenario and ask which tool applies.
Compliance frameworks appear in this domain as well. You should understand that AWS provides compliance certifications (SOC, ISO, PCI DSS, HIPAA) and that the customer is responsible for building compliant applications on top of compliant infrastructure.
Domain 3: Cloud Technology and Services (34%)34%
This is the largest domain and the one that catches most candidates off guard. 34% of the exam. CLF-C02 expanded the service catalog significantly โ serverless, containers, AI/ML, and data migration tools all got added or deepened. There is no shortcut here: breadth matters.
Compute
Know the use-case decision tree before you walk in. "No servers to manage" and event-driven workload โ Lambda. Containers without managing EC2 โ Fargate. Full Kubernetes โ EKS. Lift-and-shift VMs โ EC2. Simplest web app deployment from code โ Elastic Beanstalk. Easiest option for a non-technical user or a dev sandbox โ Lightsail (fixed monthly pricing, bundled resources).
The EC2 pricing model deserves its own attention. On-Demand has no commitment. Reserved Instances (1 or 3 year) discount up to 72% for steady-state workloads. Savings Plans offer similar discounts but apply across instance families and regions โ Compute Savings Plans cover EC2, Lambda, and Fargate. Spot Instances discount up to 90% but can be interrupted with a 2-minute warning; use them for batch jobs or fault-tolerant workloads.
The Dedicated Host vs Dedicated Instance distinction trips candidates up consistently. Both give you single-tenant hardware. Dedicated Instances just mean your instances don't share physical hardware with other customers. Dedicated Hosts go further โ you see and control the physical server (sockets, cores, host ID), which is required for socket-based bring-your-own-license software like Oracle and Windows Server. If a question mentions BYOL or per-socket licensing, the answer is Dedicated Host.
Storage
S3 storage classes are heavily tested, and the minimum storage durations are a specific gotcha:
| Storage Class | Retrieval | Min Duration | Use Case |
|---|---|---|---|
| S3 Standard | Immediate | None | Frequently accessed data |
| S3 Intelligent-Tiering | Immediate | None | Unpredictable access patterns |
| S3 Standard-IA | Immediate | 30 days | Infrequent access, multi-AZ |
| S3 One Zone-IA | Immediate | 30 days | Infrequent access, single AZ (loses data if AZ destroyed) |
| S3 Glacier Instant Retrieval | Milliseconds | 90 days | Quarterly access |
| S3 Glacier Flexible Retrieval | Minutes to hours | 90 days | Archives |
| S3 Glacier Deep Archive | 12โ48 hours | 180 days | Long-term regulatory archives |
The exam will give you a scenario ("data accessed once per quarter, retrieval within 5 minutes acceptable") and make you pick. If you don't have the minimums memorized, you will guess.
Beyond S3: EBS is block storage attached to a single EC2 instance (like a hard drive, tied to one AZ). EFS is a managed network file system that multiple Linux EC2 instances can mount simultaneously. FSx is the Windows equivalent. The question "shared file system for multiple EC2 instances" always points to EFS (Linux) or FSx (Windows) โ never EBS.
Data Migration and the Snow Family
The Snow Family appears on most sittings. Snowcone is a small ruggedized device (~8 TB, 4.5 lbs) for edge locations. Snowball Edge handles 80 TB (Storage Optimized) or 42 TB + GPU (Compute Optimized) for offline bulk transfers. Snowmobile is a literal shipping container that holds 100 PB โ used for full data center evacuations.
AWS retired Snowmobile in 2024. It no longer exists as a service you can order. The exam still asks about it because the blueprint hasn't been updated. Answer the question as the exam expects.
AWS DataSync is the online equivalent โ continuous data transfer from on-premises to S3, EFS, or FSx over the network. The decision rule: if the network transfer would take weeks or the connection is poor, Snow Family. If you need ongoing, fast, network-based transfer, DataSync.
Databases
Match the engine to the scenario: RDS for managed MySQL, PostgreSQL, MariaDB, Oracle, SQL Server. Aurora for AWS-built MySQL/PostgreSQL-compatible with higher performance. DynamoDB for serverless NoSQL with single-digit millisecond latency at any scale. Redshift for data warehouse and analytics (OLAP). ElastiCache (Redis or Memcached) for in-memory caching to reduce database load.
Networking
CloudFront caches static content at edge locations. Global Accelerator improves performance for dynamic or non-HTTP traffic using the AWS backbone and gives you 2 static anycast IPs. These two are a classic confusion pair โ CloudFront caches; Global Accelerator routes.
Direct Connect is a dedicated private fiber connection from your data center to AWS (consistent, low-latency, requires a telecom provider). Site-to-Site VPN is encrypted over the public internet (cheaper, faster to set up, less consistent). Transit Gateway connects multiple VPCs and on-premises networks through a central hub โ use it when you have more than a handful of VPCs to connect.
Monitoring, Logging, and Governance
Three services that every candidate conflates โ remember this: CloudWatch answers "what's happening now?" (metrics, alarms, logs, dashboards). CloudTrail answers "who did it?" (records every API call: who, what, when, from where โ default 90-day history). AWS Config answers "what changed?" (tracks resource configuration state over time, flags non-compliant configs).
The exam will give you "who deleted this S3 bucket?" โ CloudTrail. "CPU is above 80%" โ CloudWatch. "Which S3 buckets are publicly accessible?" โ Config (or Trusted Advisor).
AI/ML Services
New to CLF-C02 and confirmed appearing on recent sittings. Match the service to the data type:
- Images and video โ Rekognition
- Documents and text extraction โ Textract
- Speech to text โ Transcribe
- Text to speech โ Polly
- Natural language processing (sentiment, entities) โ Comprehend
- Language translation โ Translate
- Conversational chatbots โ Lex
- Enterprise intelligent search โ Kendra
- Full ML pipeline (build, train, deploy) โ SageMaker
- Managed foundation models and generative AI โ Bedrock
Bedrock and Amazon Q (AI assistant for business) started appearing on 2025 sittings. They are lightly tested for now โ know that Bedrock is the managed generative AI service and Q is the AI-powered business assistant.
Domain 4: Billing, Pricing, and Support (12%)12%
Billing, Pricing, and Support is the smallest domain at 12%, reduced from 16% in CLF-C01. Some candidates report addressing this domain in their final week of preparation, and it is generally considered the most approachable section of the exam.
Key topics include:
- Savings Plans: flexible pricing model that offers lower rates in exchange for a commitment to consistent usage (measured in $/hour)
- Reserved Instances: capacity reservation with significant discounts for 1-year or 3-year terms
- On-Demand pricing: pay by the hour or second with no commitment
- Spot Instances: deeply discounted spare capacity that can be interrupted
- AWS Cost Explorer: visualize, understand, and manage AWS costs and usage over time
- AWS Budgets: set custom budgets and receive alerts when spending exceeds thresholds
Support plans are tested on nearly every sitting โ usually 2โ3 questions โ and the TAM question is the most commonly missed. There are five tiers, not four:
| Plan | Cost | Trusted Advisor | TAM | Response (critical) |
|---|---|---|---|---|
| Basic | Free | 7 core checks | None | None |
| Developer | ~$29/mo | 7 core checks | None | Business hours email |
| Business | $100/mo min | Full checks | None | 24/7 phone/chat/email, 1-hr |
| Enterprise On-Ramp | $5,500/mo | Full checks | Pool of TAMs | 30-min |
| Enterprise | $15,000/mo | Full checks | Designated TAM | 15-min |
The TAM distinction is critical: Enterprise On-Ramp gives you access to a pool of Technical Account Managers. Enterprise gives you a designated TAM โ one person assigned to your organization. If the question says "a dedicated TAM" or "designated TAM," the answer is Enterprise, not Enterprise On-Ramp.
Full Trusted Advisor checks (across all five categories: cost, performance, security, fault tolerance, service limits) require Business or above. Basic and Developer get only 7 core checks. This also comes up as a "select two" question: "which plans include the full Trusted Advisor check set?" โ Business, Enterprise On-Ramp, Enterprise.
The cost management tools are equally testable. Cost Explorer analyzes past spend and forecasts future spend. AWS Budgets sets alerts before you hit a threshold. Cost Anomaly Detection flags unusual spikes after they happen. Compute Optimizer gives rightsizing recommendations for EC2, EBS, Lambda, and Auto Scaling Groups. Inbound data transfer to AWS is free; outbound to the internet is charged.
Despite being the smallest domain, do not skip it entirely. At 12%, it accounts for roughly 8 questions. Getting most of them right is straightforward with targeted study, and those points can make the difference between 690 and 710.
What trips candidates up
Underestimating the "foundational" label. Some candidates report that the CLF-C02 is harder than expected due to the sheer breadth of services covered and the scenario-style question format. This is not a test you can pass with a weekend of casual reading. The "foundational" label means no hands-on experience is required; it does not mean the material is shallow.
Relying on a single study resource. Community reports consistently identify this as a failure pattern. Candidates who use only the official AWS training, or only one set of practice tests, often encounter unfamiliar material on exam day. The exam draws from a wide enough service catalog that no single resource covers everything at the depth required.
Treating the exam as purely conceptual. The CLF-C02 does not just ask "What is S3?" It asks "A company needs to store infrequently accessed data that must be retrievable within 12 hours. Which S3 storage class is most cost-effective?" If you studied definitions but not use cases, you will struggle with these scenario questions.
Failing to differentiate similar services. CloudFront versus CloudFormation. Direct Connect versus Amazon Connect. S3 Select versus Athena. These pairs are deliberately confusing, and the exam exploits that confusion. Create a comparison sheet and review it until the distinctions are automatic.
Using outdated CLF-C01 materials. Some candidates report that older study guides, particularly those published before September 2023, do not cover AI/ML services, the expanded security domain, or the new serverless topics. Before starting any resource, verify it specifically targets CLF-C02.
Deprecated services still appear on the exam. AWS retired Snowmobile in 2024, closed CodeCommit to new accounts in July 2024, closed Cloud9 to new accounts in 2024, and is sunsetting OpsWorks Stacks. None of that has been reflected in the CLF-C02 blueprint. If a practice test or the real exam asks about Snowmobile, answer it based on what it was โ a 100 PB shipping container for exabyte-scale migrations. The exam tests the blueprint, not current AWS product availability.
What NOT to study: Skip CLF-C01 materials entirely. The September 2023 overhaul changed domain weights, added entire topic areas (AI/ML, CAF, Savings Plans, serverless), and removed others. Some widely-shared free video courses still cover the older version. Check the date before you invest study time.
How to prepare
Foundation: Start with the AWS Cloud Practitioner Essentials course on AWS Skill Builder. It is free, takes approximately 7 hours, and covers the foundational concepts across all four domains. AWS also offers a free Exam Prep Standard Course (4.5 hours) that is specifically aligned to the CLF-C02 exam objectives. The primary weakness of both official courses is that they are easier than the real exam. They build a solid foundation but do not expose you to the scenario complexity you will face on test day.
Official study guide: Download the AWS Certified Cloud Practitioner Exam Guide (CLF-C02) PDF and use it as your study checklist. Every subtopic listed in the exam guide is fair game. Before scheduling your exam, verify that you can explain every service and concept mentioned in the guide.
Practice questions: Use the CertCompanion CLF-C02 question bank as your primary practice resource. Scenario-based practice is essential beyond what the official assessment offers because the real exam requires applied reasoning, not recall. Work through practice sets, review every wrong answer thoroughly, and build a targeted list of weak areas. Aim for consistent scores of 80 to 90% across multiple practice sessions before scheduling your exam. Some community members recommend targeting 90%+ on practice exams for a comfortable margin.
Official exam tools:
- AWS Cloud Quest: Cloud Practitioner (free, game-based learning on AWS Skill Builder)
- Cloud Essentials Knowledge Badge Assessment (free 50-question practice test on AWS Skill Builder)
- Official Practice Exam on AWS Skill Builder (requires subscription; 7-day free trial available)
- AWS Free Tier account for optional hands-on exploration of services mentioned in the exam guide
Multiple resources matter. Candidates who pass consistently report using a combination of video learning, practice exams, and official documentation. Take notes on every wrong practice answer and create a targeted review list in the final days before your exam.
Study timeline by background
| Background | Estimated Hours | Notes |
|---|---|---|
| Cloud-familiar IT professional (AWS, Azure, GCP) | 15โ30 hours | Focus on CLF-C02 additions: the 7 R's, AI/ML services, CAF perspectives, expanded security services. The concepts aren't new; the AWS-specific naming is. |
| IT background, no cloud experience | 40โ60 hours | Networking and security concepts transfer. Cloud-specific service catalog and the pricing model distinctions need to be built from scratch. |
| Non-technical / career changer | 60โ100 hours | Every concept is new. Budget 3โ4 weeks at 1โ2 hours per day. Service differentiation and scenario-based questions take the most time to develop intuition for. |
Exam-day tactics
Scheduling logistics: You can take the exam at a Pearson VUE test center or online via OnVUE proctoring. Some candidates report that for online proctored exams, you should ensure a private room with a closeable door, a quiet environment, and adequate internet speed (community reports suggest 5+ Mbps download and 3+ Mbps upload as minimums). If taking online, consider running the Pearson VUE system check at least 24 hours before your appointment. If you need to reschedule, some candidates note that booking 24+ hours ahead allows penalty-free rescheduling.
Time management: With 90 minutes for 65 questions, you have adequate time if you do not get stuck. Read each question thoroughly, including all answer options, before selecting. For scenario-based questions, identify the key constraint in the scenario first (cost optimization? high availability? security compliance?) and use that to eliminate wrong answers.
Skip and return strategy: Some candidates report success by flagging difficult questions and returning to them after completing easier ones. This approach ensures you collect all the straightforward points first and prevents a single hard question from consuming disproportionate time. The exam interface allows you to flag and review.
Elimination on scenario questions: Most scenario questions have one or two answer options that are clearly wrong once you identify the question's core requirement. If a question asks about cost optimization, any answer focused on performance without cost consideration can be eliminated. Narrow to two options and then evaluate carefully.
After the exam: You will receive a pass/fail result on screen immediately after completing the exam. Your detailed score report, including domain-level performance, typically becomes available in your AWS Certification account within a few business days. Your digital badge (through Credly) is issued after the score is officially posted.
After you pass
The AWS Certified Cloud Practitioner signals cloud literacy to employers and opens doors to cloud-adjacent roles. It won't move your salary on its own โ it's a gateway credential. The real value is as a foundation for associate-level certifications, which do show up in job requirements and salary negotiations. According to Glassdoor and LinkedIn data, US roles that list AWS certifications range from $65,000 for entry-level cloud associates to $175,000+ for experienced solutions architects โ but those higher-end roles require associate and professional certs, not this one.
The certification is valid for 3 years. To recertify, you can retake the current version of the Cloud Practitioner exam or pass any higher-level AWS certification exam before expiration.
The natural next steps after CLF-C02 depend on your career direction:
- AWS Certified Solutions Architect, Associate (SAA-C03): the most popular path for those moving toward architecture and design roles
- AWS Certified Developer, Associate: ideal for developers building applications on AWS
- AWS Certified SysOps Administrator, Associate: suited for operations-focused roles managing AWS environments
The Cloud Practitioner is primarily valuable as a gateway credential. It validates your understanding of the AWS ecosystem, but associate and professional-level certifications carry more weight in technical hiring decisions and salary negotiations.
What recent test-takers report
Based on community experience reports from 2024โ2025 sittings:
Topics that appeared on nearly every sitting:
- IAM โ users vs groups vs roles, MFA, root account best practices (never use for daily tasks, enable MFA, delete root access keys), least privilege
- Shared Responsibility Model โ usually 4โ6 questions, almost always scenario-based ("who is responsible for patching the OS on an EC2 running a NoSQL database?")
- EC2 purchasing options โ Spot vs Reserved vs Savings Plans vs On-Demand, always scenario-based ("lowest cost for interruptible batch jobs" โ Spot; "steady-state 24/7 app, flexible across instance families" โ Compute Savings Plan)
- S3 storage classes and minimum durations
- Security service identification: GuardDuty / Inspector / Macie
- Support plans โ usually 2โ3 questions, almost always on the designated TAM and Trusted Advisor distinctions
- Well-Architected Framework pillars โ "which pillar does this describe?" scenarios
- CAF perspectives โ Platform perspective owning data architecture comes up repeatedly
- AWS Organizations, Consolidated Billing, SCPs
Topics that CLF-C02 added that recent candidates confirm seeing:
- CAF perspectives directly tested (not just mentioned)
- Savings Plans scenarios (not on CLF-C01)
- Fargate, EKS, ECS in container/serverless scenarios
- Global Accelerator and Transit Gateway in networking questions
- Bedrock and Amazon Q appearing in 2025 sittings (lightly tested so far)
What candidates wish they'd known going in:
- Practice test scores feel discouraging at first. Keep going. The pattern recognition you're building is the point.
- The AWS official training is easier than the real exam. Don't mistake finishing it for being ready.
- 15 of the 65 questions are unscored pilot items. They look identical to real questions. Don't panic if a few feel oddly hard or off-topic.
- Aim for 85โ90% on practice exams before scheduling. People who scheduled at 75% practice scores consistently report barely passing or failing.
Frequently Asked Questions
How hard is the CLF-C02 exam? It is harder than most people expect from a foundational certification. The breadth of services covered, the scenario-based question format, and the expanded security domain make it a genuine study commitment. Some candidates with technical backgrounds still report needing weeks of dedicated preparation.
How many hours should I study for the CLF-C02? Some candidates report a range of approximately 33 to 60+ hours depending on background. Those with existing cloud experience may need significantly less time. Focus on consistent daily study over cramming, and use practice exam scores as your readiness indicator.
Does the CLF-C02 expire? Yes. The certification is valid for 3 years from the date you pass. You can recertify by retaking the exam or by passing a higher-level AWS certification before your credential expires.
Are there prerequisites for the CLF-C02? No. AWS does not require any prior certification, coursework, or experience. However, the exam content assumes basic understanding of IT concepts like networking, storage, and databases.
What score do I need to pass? You need a 700 out of 1000. AWS uses a scaled scoring model, so 700 does not mean 70% correct. The exact number of correct answers needed varies by exam form.
Is the CLF-C02 worth it for my career? It depends on your role. For project managers, sales professionals, and career changers entering cloud, it provides a credible proof of cloud knowledge. For experienced engineers, the associate-level certifications carry more weight. The CLF-C02 is most valuable as a first step, not a destination.
What happens if I fail? You can retake the exam after a 14-day waiting period (standard AWS retake policy). Review your score report to identify weak domains, focus your study on those areas, and ensure you are consistently scoring above 80% on practice exams before rescheduling.
What is the difference between CLF-C01 and CLF-C02? CLF-C02 replaced CLF-C01 in September 2023. Key changes include increased security domain weight (25% to 30%), addition of AI/ML and serverless topics, coverage of the AWS Cloud Adoption Framework, and a broader set of services. CLF-C01 study materials are outdated for the current exam.
The CLF-C02 is a broader exam than its foundational label suggests, but it is entirely passable with structured preparation and realistic practice. Focus on service differentiation, spend extra time on the security domain, verify your materials are post-September 2023, and do not schedule until your practice scores consistently land above 80%.
Start building exam readiness with the CertCompanion CLF-C02 practice questions.