This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 1.8 of Cloud Computing Fundamentals and Architecture
VPC design, public vs private subnet tiers, Security Groups vs NACLs, microsegmentation, SDN programming model, and DDoS protection services.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
AWS VPC Security Best Practices
Official AWS guidance on VPC design, Security Groups, NACLs, and flow logs.
AWS VPC Security Best Practices
Official AWS guidance on VPC design, Security Groups, NACLs, and flow logs.
CIS AWS Foundations Benchmark
CIS benchmark with detailed controls for VPC, network, and account configuration.
CIS AWS Foundations Benchmark
CIS benchmark with detailed controls for VPC, network, and account configuration.
NSA Cloud Security Best Practices
NSA/CISA guidance on cloud network security, microsegmentation, and logging.
NSA Cloud Security Best Practices
NSA/CISA guidance on cloud network security, microsegmentation, and logging.
AWS Shield: DDoS Protection
AWS Shield Standard and Advanced capabilities for DDoS mitigation at Layers 3, 4, and 7.
AWS Shield: DDoS Protection
AWS Shield Standard and Advanced capabilities for DDoS mitigation at Layers 3, 4, and 7.
Quadrant 4 · Self-Assessment
Foundations of Cloud Computing
NIST SP 800-145, service models, deployment models, shared responsibility, virtualisation, and migration strategies.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.