Domain 1 of 6 | 23% of Exam | CV0-004
CompTIA Cloud+ CV0-004 — Vendor-neutral cloud certification covering architecture, deployment, security, operations, troubleshooting, and DevOps fundamentals.
| Domain | Weight |
|---|---|
| 1. Cloud Architecture (this page) | 23% |
| 2. Deployment | 19% |
| 3. Security | 19% |
| 4. Operations | 17% |
| 5. Troubleshooting | 12% |
| 6. DevOps Fundamentals | 10% |
8 detailed concept blocks covering every major topic in Domain 1 — Cloud Architecture.
IaaS (Infrastructure as a Service): raw infrastructure (VMs, storage, networking). You manage: OS, runtime, middleware, applications, data. Provider manages: physical hardware, hypervisor, data center.
Examples: AWS EC2, Azure Virtual Machines, GCP Compute Engine
PaaS (Platform as a Service): managed platform, with runtime and middleware handled by the provider. You manage: application code and data only. Provider manages: OS, patching, scaling infrastructure.
Examples: AWS Elastic Beanstalk, Azure App Service, Google App Engine
SaaS (Software as a Service): complete application delivered over the web. Provider manages everything: infrastructure, platform, and application. You manage: user accounts and data within the app.
Examples: Salesforce, Microsoft 365, Google Workspace
FaaS (Function as a Service, serverless): event-driven compute in which code executes in response to triggers with zero server management. You pay per execution, not per hour. Scales automatically to zero when idle.
Examples: AWS Lambda, Azure Functions, Google Cloud Functions
Public cloud: resources owned and operated by a third-party provider, shared across many customers on shared infrastructure. Pros: elastic scalability, no capex, global reach, pay-as-you-go. Cons: less control, shared tenancy compliance concerns.
Private cloud: dedicated infrastructure for one organization, either on-premises or hosted by a third party for exclusive use. Pros: full control, regulatory compliance, customization. Cons: high capex, ongoing maintenance burden.
Hybrid cloud: combination of public and private cloud with orchestrated connectivity between them. Classic use case: keep sensitive/regulated data in an on-premises private cloud and burst overflow workloads to the public cloud during peak demand.
Multi-cloud: using services from multiple public cloud providers simultaneously (e.g., AWS + Azure + GCP). Benefits: avoid vendor lock-in, use best-of-breed services from each provider, geographic redundancy. Challenges: operational complexity, cost management, multi-cloud skills gap.
Community cloud: shared infrastructure for organizations with common requirements, e.g., government agencies sharing a FedRAMP-compliant cloud, or healthcare orgs sharing HIPAA-compliant infrastructure.
Hypervisor: software layer that creates and manages virtual machines (VMs) by abstracting physical hardware.
Virtual machines (VMs): isolated virtual compute instances, each running a full guest OS. Heavyweight, with full OS overhead. Strong isolation between VMs. Boot time: minutes. Size: GBs.
Virtual Private Cloud (VPC): isolated, logically defined virtual network within a public cloud. You control IP address ranges (CIDR), subnets, route tables, and gateways. Foundation of cloud network architecture.
Content delivery network (CDN): distributes cached static content (images, scripts, video) to edge locations globally, reducing latency by serving content from the closest point to the user. Examples: CloudFront, Azure CDN, Cloudflare.
Container filesystem is ephemeral — data is lost when the container stops. Use volumes (managed by Docker/orchestrator) or bind mounts (host directory) for persistent data that survives container restarts.
Container orchestration: automated lifecycle management of containers, covering scheduling (where to run), scaling (how many replicas), self-healing (replace failed containers), networking (service discovery), and storage management.
Cloud providers manage the K8s control plane (API server, etcd, scheduler) — you manage worker nodes and workloads.
Relational (SQL) databases: structured data with fixed schema, tables, and relationships. ACID-compliant for transactional data. Use for: e-commerce orders, financial records, user accounts.
Cloud examples: AWS RDS (MySQL, PostgreSQL, Oracle), Azure SQL Database, Google Cloud SQL
CAP theorem: distributed systems can guarantee at most 2 of 3 properties: Consistency (all nodes see same data), Availability (every request gets a response), Partition Tolerance (works despite network failures). Most cloud DBs choose AP (available + partition tolerant) or CP.
Place Redis or Memcached in front of the database to serve frequently-read data from memory — dramatically reduces database load and read latency. Common patterns: cache-aside, write-through.
Right-sizing: match instance type and size to actual workload resource consumption. Analyze CPU, memory, network, and disk utilization metrics, then downsize over-provisioned resources or upsize under-powered ones. First step before any pricing optimization.
Auto scaling: automatically adjust compute capacity based on real-time demand. Scale out = add instances. Scale in = remove instances. Policies: target tracking (maintain a metric such as 70% CPU), step scaling (tiered thresholds), scheduled scaling (known traffic patterns).
Personalized study plan for Domain 1, by background.
You know on-premises infrastructure well. Your gaps are likely cloud-specific abstractions (VPC vs physical network), managed services, and Kubernetes.
Physical firewall → Security Groups + NACLs. Physical switch/router → VPC + route tables. Physical server → EC2/VM. Spend 1 hour mapping each familiar component to its cloud counterpart.
Stateful vs stateless is a guaranteed exam topic. Create flashcards: SG = stateful, instance-level, allow-only. NACL = stateless, subnet-level, allow + deny. Practice scenario questions.
K8s is likely your biggest gap. Focus on Pod → Deployment → Service → Ingress hierarchy. Understand why bare Pods aren't used in production (Deployments provide self-healing). Run minikube locally.
Translate your capacity planning mindset to cloud billing. Reserved = your "owned" servers equivalent. Spot = excess capacity at a discount. Right-sizing = server optimization you already do.
Practice hybrid vs multi-cloud scenario questions. Exam loves: "HIPAA data stays on-prem, analytics in cloud" → hybrid. "AWS for compute, Azure for identity, GCP for AI" → multi-cloud.
You likely know hypervisor types from VMware experience. ESXi = Type 1 (bare-metal). VirtualBox = Type 2 (hosted). Confirm you can identify which is which from product name alone.
You're comfortable with containers and code. Your gaps are likely cloud networking fundamentals, database HA concepts, and billing optimization.
Developers often skip networking. For CV0-004: know VPC CIDR, public vs private subnets, Internet Gateway, NAT Gateway, Security Groups vs NACLs. Draw a 3-tier VPC architecture from memory.
You know Docker — now map it to K8s: Dockerfile → Pod spec. docker run → kubectl apply Deployment. docker network → K8s Service. docker-compose → Helm chart. Practice K8s YAML reading.
Multi-AZ = HA + failover (synchronous, no reads from standby). Read Replica = read scaling (asynchronous, not HA). This distinction appears in almost every Cloud+ practice exam.
Spot/Preemptible pricing fits your batch job and CI/CD workloads. Reserved Instances for always-on services. Practice cost optimization scenario questions — exam tests which pricing model fits which workload.
As a dev you use PaaS daily. Now articulate what YOU own vs provider. IaaS: you manage OS up. PaaS: app + data only. SaaS: users + data. This is frequently tested in Cloud+ scenarios.
You probably don't work with bare-metal hypervisors. 15-minute review: Type 1 = ESXi/Hyper-V/KVM (production data centers). Type 2 = VirtualBox/VMware Workstation (dev workstations). Done.
Start with fundamentals and build up. Prioritize the highest-weight concepts first and use hands-on labs to reinforce abstract concepts.
Before anything else: understand IaaS vs PaaS vs SaaS cold. Use the mnemonic "I Prefer Seeing Functionality." Sign up for AWS Free Tier and launch an EC2 instance (IaaS) and an Elastic Beanstalk app (PaaS) to feel the difference.
Public cloud: Netflix on AWS. Private cloud: a bank's internal data center. Hybrid: a hospital with on-prem patient records + cloud analytics. Multi-cloud: a company using AWS + Azure + GCP. Anchor abstract terms to real scenarios.
Create a free-tier VPC in AWS console. Add a public and private subnet. Observe how Security Groups work vs NACLs. The hands-on experience makes the stateful/stateless distinction click immediately.
Install Docker Desktop. Build a simple Dockerfile. Run a container. Then learn K8s concepts by mapping Docker → K8s. Don't try to learn K8s without Docker fundamentals — it won't stick.
For the exam, master: Pod (what runs your app), Deployment (manages pod count + self-healing), Service (stable endpoint for pods). Ingress, ConfigMap, Secrets are secondary. Don't get lost in K8s depth.
Create a comparison table: Multi-AZ (sync, HA, failover, no reads) vs Read Replica (async, read scale, not HA). CAP theorem: pick 2 of 3. Caching = Redis/Memcached in front of DB. Drill this until automatic.
Scenario questions in this domain test reasoning, not memorization. After each wrong answer, return to the concept block and re-read the relevant section. Track which topics you miss repeatedly — those are your study focus areas.