Content Domain 5: Networking and Content Delivery

Task 5.1: Implement and optimize networking features and connectivity.

Skill 5.1.1: Configure a VPC (for example, subnets, route tables, network ACLs, security groups, NAT gateways, internet gateway, egress-only internet gateway).
Skill 5.1.2: Configure private networking connectivity (for example, VPC endpoints, AWS PrivateLink, VPC peering).
Skill 5.1.3: Audit AWS network protection services (for example, Route 53 Resolver DNS Firewall, AWS WAF, AWS Shield, AWS Network Firewall) in a single account.
Skill 5.1.4: Optimize the cost of network architectures.

Skill 5.2.1: Configure DNS (for example, Route 53 Resolver).
Skill 5.2.2: Implement Route 53 routing policies, configurations, and query logging.
Skill 5.2.3: Configure content and service distribution (for example, CloudFront, AWS Global Accelerator).

Skill 5.3.1: Troubleshoot VPC configurations (for example, subnets, route tables, network ACLs, security groups, transit gateways, NAT gateways).
Skill 5.3.2: Collect and interpret networking logs to troubleshoot issues (for example, VPC flow logs, ELB access logs, AWS WAF web ACL logs, CloudFront logs, container logs).
Skill 5.3.3: Identify and remediate CloudFront caching issues.
Skill 5.3.4: Identify and troubleshoot hybrid connectivity issues and private connectivity issues.
Skill 5.3.5: Configure and analyze CloudWatch network monitoring services.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Content Domain 4: Security and Compliance

Mentions of AWS services on the exam