The AWS Certified Cloud Practitioner (CLF-C02) is the entry point to the AWS certification path. It's designed to be accessible — but that doesn't mean it's easy to pass without preparation. The exam is deliberately broad, and the questions are written to catch candidates who studied the topics without understanding the nuance.
If you're preparing for CLF-C02 in 2026, here's what you need to know.
What CLF-C02 actually tests
The exam covers four domains:
| Domain | Exam weight |
|---|---|
| Cloud Concepts | 24% |
| Security & Compliance | 30% |
| Cloud Technology & Services | 34% |
| Billing, Pricing & Support | 12% |
Cloud Technology & Services is the biggest domain and the most service-heavy — it tests your understanding of core AWS services across compute, storage, databases, networking, and more. Security & Compliance is the second largest and frequently the one candidates underestimate.
The exam is 90 minutes, 65 questions, $150. Passing score is 700/1000.
The three areas that trip most candidates up
1. Security & Compliance — the shared responsibility model
This is the most commonly tested concept across the entire exam. AWS's Shared Responsibility Model divides security into what AWS manages (security of the cloud — physical infrastructure, hardware, managed services) and what you manage (security in the cloud — your data, IAM, encryption settings, OS patches on EC2).
The exam asks this in dozens of ways. "Who is responsible for patching the OS on an EC2 instance?" (You.) "Who is responsible for patching the underlying hypervisor?" (AWS.) "Who manages encryption of data at rest in S3?" (You configure it — AWS provides the tools.) Learn the boundary clearly and don't confuse it under pressure.
2. Service identification — which AWS service for which use case
CLF-C02 doesn't ask you to configure services. It asks you to identify which service fits a described scenario. "A company needs to send transactional emails" — that's Amazon SES. "A company needs a managed NoSQL database" — that's DynamoDB. "A company needs to run code without managing servers" — that's Lambda.
The trap: AWS has dozens of services that sound similar. Candidates who studied broadly but shallowly get confused between services with overlapping functions (Redshift vs RDS vs Aurora, CloudWatch vs CloudTrail vs Config, SQS vs SNS vs EventBridge).
Study services in pairs and groups. Know the difference, not just the definition.
3. Pricing and billing — more specific than it looks
The Billing domain is only 12% but it's one of the most test-able areas. You need to know the difference between On-Demand, Reserved Instances, Savings Plans, and Spot — including when to recommend each. You need to know what AWS Cost Explorer, AWS Budgets, and the AWS Pricing Calculator do and how they differ.
Common mistake: candidates know what these tools are but don't know when to use each one. The exam asks scenario-based questions: "A company wants to receive an alert when their monthly bill exceeds $500" — that's AWS Budgets, not Cost Explorer.
How to structure your study
Week 1–2: Core concepts and service map Start with a structured overview course — Stephane Maarek's CLF-C02 course or Andrew Brown's free course on freeCodeCamp both cover the full syllabus. Don't try to memorise every service. Build a mental map: compute (EC2, Lambda, ECS), storage (S3, EBS, EFS, Glacier), databases (RDS, DynamoDB, Redshift), networking (VPC, CloudFront, Route 53).
Week 3: Security and billing deep dive These two domains together make up 42% of your score. Dedicate specific time to the shared responsibility model and to knowing every billing and support tool by function. Read the AWS free tier terms — they appear in questions.
Week 4: Practice questions by domain Don't jump to full practice exams. Work domain by domain. Find out if your gap is in Cloud Concepts, Security, Services, or Billing before you drill mixed questions. Full exams hide where your actual weaknesses are.
Final days: Timed full exams Run two or three full practice exams under time pressure. 65 questions in 90 minutes is comfortable — but only if you're not spending three minutes on each question. Flag and skip anything you're unsure about; come back at the end.
The most common reason people fail CLF-C02
They know what services exist but don't know when to use which one.
The exam doesn't test definitions. It tests judgment. "Which service would you use to decouple a monolithic application?" isn't answered by knowing what SQS is — it's answered by understanding the decoupling pattern and recognising SQS as the right fit.
The best preparation is practising scenario-based questions from the start — not as a final step, but throughout your study period. Each wrong answer tells you which concept to revisit.
Key resources
- Andrew Brown's CLF-C02 course on freeCodeCamp — free, comprehensive, well-structured
- Stephane Maarek's course on Udemy — paid, frequently discounted, highly recommended
- AWS official practice exam — $20, worth doing in the final week
- ExamCoach — adaptive CLF-C02 practice questions across all four domains, tracks which topics you're losing marks on
Know your weak domains before exam day
The most efficient way to prepare is to find out early where your gaps are and close them specifically — not to cover every topic at equal depth.
ExamCoach runs you through CLF-C02 questions by domain, maps your correct rate per topic, and surfaces your weakest areas after every session. After a few Daily Quizzes, you'll know exactly whether your gap is in Security, Services, or Billing — and you can focus your remaining study time accordingly.
Start practising CLF-C02 free →
ExamCoach covers AWS CLF-C02, CCNA, AZ-104, CompTIA Security+, CISSP, CFA Level 1, and more.