Network+ Exam
Cloud Security
October 29, 2025
- #network+
VPC - Virtual private cloud. Used to provision a logically isolated section of cloud resources.
Infrastructure as code - Includes the provisioning of architecture where the deployment of resources is done by scripted automation.
Subnets - A range within a virtual private cloud that you can allocate to the resources you're using.
Route tables - A route table contains a set of rules called routes that determine where network traffic is directed by switches and routers within the virtual private cloud. Each subnet must have a route table.
Internet gateways - A horizontally scalable, redundant, and highly available virtual private cloud component that allows communication between instances in the VPC and the internet.
NAT (network address translation) gateway - Used to enable instances in a private subnet to connect to the internet and other cloud services. Translates public to private IP.
Network ACL (access control list) - Similar to traditional network firewalls, but in the cloud. Uses customized rules for network traffic.
Inbound rules - Control traffic that is allowed to enter.
Outbound rules - Control traffic that is allowed to leave.
Security groups and network access control lists are two types of firewalls.
Security groups - Designed to function at the instance level within the VPC. Security groups are considered to act like a stateful firewall.
The use of both network ACLs and security groups offers a lot of different security advantages. It creates a multi-layer defense.
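Added example (not part of the original notes): a small Python model of the two firewall layers described above, showing how a request and its reply pass through a network ACL and a security group. It assumes AWS-style behavior that the notes do not spell out (network ACLs are stateless and evaluate numbered rules lowest first, security groups hold allow rules only); every name, rule and address in it is constructed.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    number: int   # NACL rules are evaluated lowest number first
    low: int      # start of port range
    high: int     # end of port range (inclusive)
    allow: bool

def nacl_allows(rules, port):
    """Stateless subnet-level check: first matching rule wins, default deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.low <= port <= rule.high:
            return rule.allow
    return False

@dataclass
class SecurityGroup:
    """Stateful instance-level check: allow rules only, flows are remembered."""
    inbound_ports: set
    tracked: set = field(default_factory=set)

    def inbound(self, client, client_port, port):
        if port not in self.inbound_ports:
            return False
        self.tracked.add((client, client_port, port))
        return True

    def reply_allowed(self, client, client_port, port):
        return (client, client_port, port) in self.tracked

def request_and_reply(nacl_in, nacl_out, sg, client, client_port, port):
    """Return (request_delivered, reply_delivered) through both layers."""
    request = nacl_allows(nacl_in, port) and sg.inbound(client, client_port, port)
    # The SG remembers the flow; the stateless NACL still needs an outbound rule.
    reply = (request and sg.reply_allowed(client, client_port, port)
             and nacl_allows(nacl_out, client_port))
    return request, reply

# Constructed sample rules and client address (assumptions, not from the notes).
NACL_IN = [Rule(90, 22, 22, False), Rule(100, 0, 65535, True)]
NACL_OUT = [Rule(100, 1024, 65535, True)]
CLIENT = ("203.0.113.10", 50000)

def demo():
    sg = SecurityGroup(inbound_ports={22, 443})
    return {
        "https": request_and_reply(NACL_IN, NACL_OUT, sg, *CLIENT, 443),
        "https_no_out_rule": request_and_reply(NACL_IN, [], sg, *CLIENT, 443),
        "ssh_denied_by_nacl": request_and_reply(NACL_IN, NACL_OUT, sg, *CLIENT, 22),
        "8080_denied_by_sg": request_and_reply(NACL_IN, NACL_OUT, sg, *CLIENT, 8080),
    }
```

Calling `demo()` returns the request/reply outcome for each case: traffic gets through only when both layers permit it, and a missing outbound NACL rule drops the reply even though the security group tracked the connection.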
VPC peering - Network connection between two VPCs that enables routing traffic between them privately.
VPC endpoints - Allow private connectivity to services hosted from AWS within the VPC; traffic will not need to go to an internet gateway.
VPN connections - Can be created between the VPC and a network, and from the VPC to another VPC.
Routers, firewalls, unified threat management, and switches are all software-based in the cloud.
This allows deployments in the cloud to be fully automated.
Ensure that the VPC has been properly secured before using it in the production environment.