About This Domain
Domain 5 — Networking and Content Delivery — accounts for 18% of the SOA-C03 certification exam. This domain evaluates your understanding of vpc routing, subnets, nat gateways, internet gateways, security groups, nacls, vpc endpoints, and flow logs, dns operations with route 53 hosted zones, health checks, failover, resolver endpoints, and private hosted zones, hybrid connectivity using site-to-site vpn, direct connect, transit gateway, and route propagation, and related concepts. Domain 5 validates VPC connectivity, DNS, hybrid networking, load balancing, edge delivery, network security, and troubleshooting traffic flow. To pass this section you need practical knowledge of how these services and patterns work together in real-world architectures.
What You'll Be Tested On
- VPC routing, subnets, NAT gateways, internet gateways, security groups, NACLs, VPC endpoints, and flow logs
- DNS operations with Route 53 hosted zones, health checks, failover, resolver endpoints, and private hosted zones
- Hybrid connectivity using Site-to-Site VPN, Direct Connect, Transit Gateway, and route propagation
- Elastic Load Balancing health checks, listener rules, target groups, TLS, and cross-zone behavior
- Content delivery with CloudFront origins, cache policies, signed access, invalidations, logging, and origin failover
Key AWS Services in This Domain
Study Strategy for Domain 5
While 18% might seem like a smaller portion of the exam, every point counts toward the passing score. Focus on understanding core concepts and common exam scenarios for this domain. Don't neglect it — even a few missed questions here can make the difference between pass and fail.
Exam Tips for Domain 5
For VPC troubleshooting, follow the packet path: route tables, security groups, NACLs, DNS, endpoints, and network ACL return traffic.
Security groups are stateful; NACLs are stateless and need explicit inbound and outbound allowance.
Route 53 Resolver inbound endpoints let on-premises DNS query AWS; outbound endpoints forward AWS queries to on-premises DNS.
CloudFront cache behavior problems often come down to the cache key, origin request policy, TTLs, or invalidation requirements.
Frequently Asked Questions
How many questions on the SOA-C03 exam come from Domain 5?
Domain 5 (Networking and Content Delivery) makes up 18% of the SOA-C03 exam. The exam has 65 scored questions, so approximately 12 questions will come from this domain.
What services should I focus on for Domain 5?
The key services for this domain include Networking, VPC, Route 53, CloudFront, Load Balancing, Direct Connect, WAF & Shield. Make sure you understand how each service works, its use cases, and how they integrate with one another.
How should I prepare for Networking and Content Delivery questions?
Start by reviewing the key topics listed above, then practice with domain-specific questions. Focus on understanding real-world scenarios rather than memorizing facts. Use our practice quizzes to test your knowledge and review explanations for any questions you get wrong.
What's the best order to study the SOA-C03 domains?
Many candidates start with the highest-weighted domains first. For the SOA-C03 exam, the domains in order of weight are: Monitoring, Logging, Analysis, Remediation, and Performance Optimization (22%), Reliability and Business Continuity (22%), Deployment, Provisioning, and Automation (22%), Security and Compliance (16%), Networking and Content Delivery (18%). However, start with whichever domain aligns best with your existing experience.
Practice Domain 5 Questions
Test your knowledge of Networking and Content Delivery with practice questions from our SOA-C03 question bank.
Start Practice Quiz →