This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 4.1 of Data Protection for Cloud Infrastructure
Symmetric/asymmetric encryption, AES modes, envelope encryption, data states, and post-quantum standards.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
NIST SP 800-175B: Guideline for Using Cryptographic Standards
NIST guidance on selecting and using approved cryptographic algorithms and modes.
NIST SP 800-175B: Guideline for Using Cryptographic Standards
NIST guidance on selecting and using approved cryptographic algorithms and modes.
NIST Post-Quantum Cryptography Standards (FIPS 203, 204, 205)
NIST post-quantum cryptography project page with links to FIPS 203, 204, and 205 standards.
NIST Post-Quantum Cryptography Standards (FIPS 203, 204, 205)
NIST post-quantum cryptography project page with links to FIPS 203, 204, and 205 standards.
AWS KMS Encryption Context and Envelope Encryption
AWS KMS developer guide explaining envelope encryption, data keys, and encryption context.
AWS KMS Encryption Context and Envelope Encryption
AWS KMS developer guide explaining envelope encryption, data keys, and encryption context.
Google Cloud Encryption at Rest Whitepaper
Google Cloud technical whitepaper on default encryption implementation across all GCP services.
Google Cloud Encryption at Rest Whitepaper
Google Cloud technical whitepaper on default encryption implementation across all GCP services.
Quadrant 4 · Self-Assessment
Data Protection in the Cloud
Envelope encryption, AES modes, post-quantum cryptography, tokenisation, PKI, key management models, and IAM.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.