AWS SAP-C02 Certification Exam Syllabus and Study Guide (2023)

Table of Contents
Design Solutions for Organizational Complexity - 26% Design for New Solutions - 29% Continuous Improvement for Existing Solutions - 25% Accelerate Workload Migration and Modernization - 20%

Design Solutions for Organizational Complexity - 26%

Architect network connectivity strategies.Knowledge of:
  • AWS global infrastructure
  • AWS networking concepts (for example, Amazon VPC, AWS Direct Connect, AWS VPN, transitive routing, AWS container services)
  • Hybrid DNS concepts (for example, Amazon Route 53 Resolver, on-premises DNS integration)
  • Network segmentation (for example, subnetting, IP addressing, connectivity among VPCs)
  • Network traffic monitoring

Skills in:

  • Evaluating connectivity options for multiple VPCs
  • Evaluating connectivity options for on-premises, co-location, and cloud integration
  • Selecting AWS Regions and Availability Zones based on network and latency requirements
  • Troubleshooting traffic flows by using AWS tools
  • Utilizing service endpoints for service integrations
Prescribe security controls.Knowledge of:
  • AWS Identity and Access Management (IAM) and AWS Single Sign-On
  • Route tables, security groups, and network ACLs
  • Encryption keys and certificate management (for example, AWS Key Management Service [AWS KMS], AWS Certificate Manager [ACM])
  • AWS security, identity, and compliance tools (for example, AWS CloudTrail, AWS Identity and Access Management Access Analyzer, AWS Security Hub, Amazon Inspector)

Skills in:

  • Evaluating cross-account access management
  • Integrating with third-party identity providers
  • Deploying encryption strategies for data at rest and data in transit
  • Developing a strategy for centralized security event notifications and auditing
Design reliable and resilient architectures.Knowledge of:
  • Recovery time objectives (RTOs) and recovery point objectives (RPOs)
  • Disaster recovery strategies (for example, using AWS Elastic Disaster Recovery [CloudEndure Disaster Recovery], pilot light, warm standby, and multi-site)
  • Data backup and restoration

Skills in:

  • Designing disaster recovery solutions based on RTO and RPO requirements
  • Implementing architectures to automatically recover from failure
  • Developing the optimal architecture by considering scale-up and scale-out options
  • Designing an effective backup and restoration strategy
Design a multi-account AWS environment.Knowledge of:
  • AWS Organizations and AWS Control Tower
  • Multi-account event notifications
  • AWS resource sharing across environments

Skills in:

  • Evaluating the most appropriate account structure for organizational requirements
  • Recommending a strategy for central logging and event notifications
  • Developing a multi-account governance model
Determine cost optimization and visibility strategies.Knowledge of:
  • AWS cost and usage monitoring tools (for example, AWS Trusted Advisor, AWS Pricing Calculator, AWS Cost Explorer, AWS Budgets)
  • AWS purchasing options (for example, Reserved Instances, Savings Plans, Spot Instances)
  • AWS right-sizing visibility tools (for example, AWS Compute Optimizer, Amazon S3 Storage Lens)

Skills in:

See Also
SAP Course: Details, Full Form, Eligibility, Syllabus, Career, Fees, Scope, and More - CoursesXpertSAP Course Details – Fee, Duration, Eligibility, Salary & Job, Career OptionsSAP Course Syllabus | Authorised SAP Training Partner | Delphi ComputechSAP CO Training | SAP Controlling (With Case Studies) - Skillstek

  • Monitoring cost and usage with AWS tools
  • Developing an effective tagging strategy that maps costs to business units
  • Understanding how purchasing options affect cost and performance

Design for New Solutions - 29%

Design a deployment strategy to meet business requirements.Knowledge of:
  • Infrastructure as code (IaC) (for example, AWS CloudFormation)
  • Continuous integration/continuous delivery (CI/CD)
  • Change management processes
  • Configuration management tools (for example, AWS Systems Manager)

Skills in:

  • Determining an application or upgrade path for new services and features
  • Selecting services to develop deployment strategies and implement appropriate rollback mechanisms
  • Adopting managed services as needed to reduce infrastructure provisioning and patching overhead
  • Making advanced technologies accessible by delegating complex development and deployment tasks to AWS
Design a solution to ensure business continuity.Knowledge of:
  • AWS global infrastructure
  • AWS networking concepts (for example, Route 53, routing methods)
  • RTOs and RPOs
  • Disaster recovery scenarios (for example, backup and restore, pilot light, warm standby, multi-site)
  • Disaster recovery solutions on AWS

Skills in:

  • Configuring disaster recovery solutions
  • Configuring data and database replication
  • Performing disaster recovery testing
  • Architecting a backup solution that is automated, is cost-effective, and supports business continuity across multiple Availability Zones and/or AWS Regions
  • Designing an architecture that provides application and infrastructure availability in the event of a disruption
  • Leveraging processes and components for centralized monitoring to proactively recover from system failures
Determine security controls based on requirements.Knowledge of:
  • IAM
  • Route tables, security groups, and network ACLs
  • Encryption options for data at rest and data in transit
  • AWS service endpoints
  • Credential management services
  • AWS managed security services (for example, AWS Shield, AWS WAF, Amazon GuardDuty, AWS Security Hub)

Skills in:

  • Specifying IAM users and IAM roles that adhere to the principle of least privilege access
  • Specifying inbound and outbound network flows by using security group rules and network ACL rules
  • Developing attack mitigation strategies for large-scale web applications
  • Developing encryption strategies for data at rest and data in transit
  • Specifying service endpoints for service integrations
  • Developing strategies for patch management to remain compliant with organizational standards
Design a strategy to meet reliability requirements.Knowledge of:
  • AWS global infrastructure
  • AWS storage services and replication strategies (for example Amazon S3, Amazon RDS, Amazon ElastiCache)
  • Multi-AZ and multi-Region architectures
  • Auto scaling policies and events
  • Application integration (for example, Amazon Simple Notification Service [Amazon SNS], Amazon Simple Queue Service [Amazon SQS], AWS Step Functions)
  • Service quotas and limits

Skills in:

  • Designing highly available application environments based on business requirements
  • Leveraging advanced techniques to design for failure and ensure seamless system recoverability
  • Implementing loosely coupled dependencies
  • Operating and maintaining high-availability architectures (for example, application failovers, database failovers)
  • Leveraging AWS managed services for high availability
  • Implementing DNS routing policies (for example, Route 53 latency-based routing, geolocation routing, simple routing)
Design a solution to meet performance objectives.Knowledge of:
  • Performance monitoring technologies
  • Storage options on AWS
  • Instance families and use cases
  • Purpose-built databases

Skills in:

See Also
What is SAP Certification, Exam PreparationBest SAP Course Changanassery | No1 SAP Training Center

  • Designing large-scale application architectures for a variety of access patterns
  • Designing an elastic architecture based on business objectives
  • Applying design patterns to meet performance objectives with caching, buffering, and replicas
  • Developing a process methodology for selecting purpose-built services for required tasks
  • Designing a right-sizing strategy
Determine a cost optimization strategy to meet solution goals and objectives.Knowledge of:
  • AWS cost and usage monitoring tools (for example, Cost Explorer, Trusted Advisor, AWS Pricing Calculator)
  • Pricing models (for example, Reserved Instances, Savings Plans)
  • Storage tiering
  • Data transfer costs
  • AWS managed service offerings

Skills in:

  • Identifying opportunities to select and right size infrastructure for cost-effective resources
  • Identifying appropriate pricing models
  • Performing data transfer modeling and selecting services to reduce data transfer costs
  • Developing a strategy and implementing controls for expenditure and usage awareness

Continuous Improvement for Existing Solutions - 25%

Determine a strategy to improve overall operational excellence.Knowledge of:
  • Alerting and automatic remediation strategies
  • Disaster recovery planning
  • Monitoring and logging solutions (for example, Amazon CloudWatch)
  • CI/CD pipelines and deployment strategies (for example, blue/green, all-at-once, rolling)
  • Configuration management tools (for example, Systems Manager)

Skills in:

  • Determining the most appropriate logging and monitoring strategy
  • Evaluating current deployment processes for improvement opportunities
  • Prioritizing opportunities for automation within a solution stack
  • Recommending the appropriate AWS solution to enable configuration management automation
  • Engineering failure scenario activities to support and exercise an understanding of recovery actions
Determine a strategy to improve security.Knowledge of:
  • Data retention, data sensitivity, and data regulatory requirements
  • Automated monitoring and remediation strategies (for example, AWS Config rules)
  • Secrets management (for example, Systems Manager, AWS Secrets Manager)
  • Principle of least privilege access
  • Security-specific AWS solutions
  • Patching practices
  • Backup practices and methods

Skills in:

  • Evaluating a strategy for the secure management of secrets and credentials
  • Auditing an environment for least privilege access
  • Reviewing implemented solutions to ensure security at every layer
  • Reviewing comprehensive traceability of users and services
  • Prioritizing automated responses to the detection of vulnerabilities
  • Designing and implementing a patch and update process
  • Designing and implementing a backup process
  • Employing remediation techniques
Determine a strategy to improve performance.Knowledge of:
  • High-performing systems architectures (for example, auto scaling, instance fleets, and placement groups)
  • Global service offerings (for example, AWS Global Accelerator, Amazon CloudFront, and edge computing services)
  • Monitoring tool sets and services (for example, CloudWatch)
  • Service level agreements (SLAs) and key performance indicators (KPIs)

Skills in:

  • Translating business requirements to measurable metrics
  • Testing potential remediation solutions and making recommendations
  • Proposing opportunities for the adoption of new technologies and managed services
  • Assessing solutions and applying right sizing based on requirements
  • Identifying and examining performance bottlenecks
Determine a strategy to improve reliability.Knowledge of:
  • AWS global infrastructure
  • Data replication methods
  • Scaling methodologies (for example, load balancing, auto scaling)
  • High availability and resiliency
  • Disaster recovery methods and tools
  • Service quotas and limits

Skills in:

  • Understanding application growth and usage trends
  • Evaluating existing architecture to determine areas that are not sufficiently reliable
  • Remediating single points of failure
  • Enabling data replication, self-healing, and elastic features and services
Identify opportunities for cost optimizations.Knowledge of:
  • Cost-conscious architecture choices (for example, utilizing Spot Instances, scaling policies, and right-sizing resources)
  • Price model adoptions (for example, Reserved Instances, Savings Plans)
  • Networking and data transfer costs
  • Cost management, alerting, and reporting

Skills in:

  • Analyzing usage reports to identify underutilized and overutilized resources
  • Utilizing AWS solutions to identify unused resources
  • Designing billing alarms based on expected usage patterns
  • Investigating AWS Cost and Usage Reports at a granular level
  • Utilizing tagging for cost allocation and reporting

Accelerate Workload Migration and Modernization - 20%

Select existing workloads and processes for potential migration.Knowledge of:
  • Migration assessment and tracking tools (for example, AWS Migration Hub)
  • Portfolio assessment
  • Asset planning
  • Prioritization and migration of workloads (for example, wave planning)

Skills in:

  • Completing an application migration assessment
  • Evaluating applications according to the seven common migration strategies (7Rs)
  • Evaluating total cost of ownership (TCO)
Determine the optimal migration approach for existing workloads.Knowledge of:
  • Data migration options and tools (for example, AWS DataSync, AWS Transfer Family, AWS Snow Family, S3 Transfer Acceleration)
  • Application migration tools (for example, AWS Application Discovery Service, AWS Application Migration Service [CloudEndure Migration], AWS Server Migration Service [AWS SMS])
  • AWS networking services and DNS (for example, Direct Connect, AWS Site-to-Site VPN, Route 53)
  • Identity services (for example, AWS SSO, AWS Directory Service)
  • Database migration tools (for example, AWS Database Migration Service [AWS DMS], AWS Schema Conversion Tool [AWS SCT])
  • Governance tools (for example, AWS Control Tower, Organizations)

Skills in:

  • Selecting the appropriate database transfer mechanism
  • Selecting the appropriate application transfer mechanism
  • Selecting the appropriate data transfer service and migration strategy
  • Applying the appropriate security methods to migration tools
  • Selecting the appropriate governance model
Determine a new architecture for existing workloads.Knowledge of:
  • Compute services (for example, Amazon EC2, AWS Elastic Beanstalk)
  • Containers (for example, Amazon Elastic Container Service [Amazon ECS], Amazon Elastic Kubernetes Service [Amazon EKS], AWS Fargate, Amazon Elastic Container Registry [Amazon ECR])
  • AWS storage services (for example, Amazon Elastic Block Store [Amazon EBS], Amazon Elastic File System [Amazon EFS], Amazon FSx, Amazon S3, Volume Gateway)
  • Databases (for example, Amazon DynamoDB, Amazon OpenSearch Service [Amazon Elasticsearch Service], Amazon RDS, self-managed databases on Amazon EC2)

Skills in:

  • Selecting the appropriate compute platform
  • Selecting the appropriate container hosting platform
  • Selecting the appropriate storage service
  • Selecting the appropriate database platform
Determine opportunities for modernization and enhancements.Knowledge of:
  • Serverless compute offerings (for example, AWS Lambda)
  • Containers (for example, Amazon ECS, Amazon EKS, AWS Fargate)
  • AWS storage services (for example, Amazon S3, Amazon EFS)
  • Purpose-built databases (for example, DynamoDB, Amazon Aurora Serverless, ElastiCache)
  • Integration service (for example, Amazon SQS, Amazon SNS, Amazon EventBridge [Amazon CloudWatch Events], Step Functions)

Skills in:

  • Identifying opportunities to decouple application components
  • Identifying opportunities for serverless solutions
  • Selecting the appropriate service for containers
  • Identifying opportunities for purpose-built databases
  • Selecting the appropriate application integration service
Top Articles
Latest Posts
Article information

Author: Twana Towne Ret

Last Updated: 02/13/2023

Views: 5847

Rating: 4.3 / 5 (44 voted)

Reviews: 83% of readers found this page helpful

Author information

Name: Twana Towne Ret

Birthday: 1994-03-19

Address: Apt. 990 97439 Corwin Motorway, Port Eliseoburgh, NM 99144-2618

Phone: +5958753152963

Job: National Specialist

Hobby: Kayaking, Photography, Skydiving, Embroidery, Leather crafting, Orienteering, Cooking

Introduction: My name is Twana Towne Ret, I am a famous, talented, joyous, perfect, powerful, inquisitive, lovely person who loves writing and wants to share my knowledge and understanding with you.