A lot of exam prep starts with feature lists.

That is useful up to a point. You need to understand Claude, Claude Code, MCP, tool use, prompts, context windows, evaluation, and reliability patterns. But if you only study features, you can still miss the architectural question hiding inside the scenario.

For the CCA exam, I would study boundaries first.

The tool boundary

A tool is not safe because the agent can call it. A tool is safe when its scope, schema, error handling, and permissions match the job.

If a scenario describes an MCP server that exposes too much, returns vague errors, or mixes read and write operations too casually, the answer is probably not “make the prompt clearer”. The answer is more likely to narrow the tool, improve the contract, split responsibilities, or add review before a risky operation.

Feature knowledge tells you what MCP is. Boundary judgment tells you what should be exposed.

The context boundary

Context is not just more text.

A good architecture keeps track of which facts are source facts, which facts came from model output, and which assumptions still need verification. If a subagent invents missing detail, the fix is not to praise its creativity. The fix is to pass the right evidence, reduce ambiguity, or stop the workflow until the missing input exists.

That distinction matters in exam scenarios because many tempting answers add more context without improving trust.

The permission boundary

Claude Code can be powerful in a real repository. That is exactly why permissions matter.

An exam scenario may show a workflow that works well in a narrow case, then asks what should change before the team expands it. Be suspicious of answers that give the agent broader write access, skip review, or rely on a natural-language warning as the main control.

A safer architecture makes permissions explicit, scoped, reviewable, and reversible.

The review boundary

Human review is not a ceremonial checkbox. It is part of the system design.

The important question is where review belongs. Before a permission change? Before a merge? Before a tool can write data? Before a workflow moves from shadow mode into live operation?

The exam often rewards the answer that places review at the point of risk, not at the end when the damage is already hard to inspect.

A better way to read practice questions

When a CCA exam question feels dense, mark the boundaries in the scenario:

  • What can the agent see?
  • What can it change?
  • Which tool contract is vague?
  • Which facts are trusted?
  • Where does human review happen?
  • What evidence remains after the run?

Then read the answer choices. The best answer usually strengthens one of those boundaries.

That is the method behind Architect the Agent: The CCA-F Certification Guide. The book turns the exam domains into scenario practice, distractor analysis, and architecture decisions you can use outside the exam as well.

If you are preparing for the Claude Architect exam, the Leanpub guide is here.

This is an independent study guide and is not affiliated with Anthropic. Check the official exam materials for the latest exam details.