Unit IV

Design patterns eliminate the need for encryption by standardizing interfaces.

Security design patterns provide reusable solutions to recurring cloud vulnerabilities.

Cloud design patterns are primarily focused on UI/UX improvement.

Design patterns in the cloud are used only for system performance optimization.

Availability of redundant VPN gateways

Interoperability between private and public clouds

The geographic proximity of data centers

Type of hypervisor used in private cloud

Cloud bursting

Elastic load balancing

Proxy gateway filtering

Geo-tagging

Data redundancy failure

Unauthorized location inference and profiling

Credential replay attacks

Denial-of-Service from remote endpoints

Proxy → VPN → Firewall → CASB → SIEM

SIEM → CASB → Firewall → Proxy → VPN

VPN → Proxy → CASB → Firewall → SIEM

Firewall → Proxy → VPN → CASB → SIEM

Authenticates only once per session.

Trusts users based on network location.

Dynamically verifies every access request based on identity and context.

Allows implicit trust for devices inside the local subnet.

Firewall, IDS/IPS, Proxy Server

VPN, Load Balancer, API Gateway

Attribute Authority, Secure Token Service, IAM

MFA, Cloud DNS, CASB

Filtering and authenticating API requests before granting access

Encrypting data at rest

Balancing workloads across multiple clouds

Storing cryptographic keys for clients

A company encrypting all traffic using IPsec tunnels

A cloud service provider offering burst capacity on demand

A data center applying a zero trust access model

A firm isolating guest Wi-Fi traffic from internal business systems

Cloud Firewall

Federated Identity

Geo-tagging

Elastic Scaling