NetworkingNetwork+

Cloud Concepts for CompTIA Network+ N10-009

Cloud computing is explicitly tested on CompTIA Network+ N10-009 as part of Networking Concepts (Domain 1). You must understand the three service models (IaaS, PaaS, SaaS), deployment models (public, private, hybrid, community), and cloud-specific networking concepts like virtual networks, cloud gateways, and the shared responsibility model. Expect 4–6 questions covering cloud terminology, deployment decisions, and networking in cloud environments.

9 min

3 sections · 7 exam key points

2 practice questions

Cloud Service Models

IaaS (Infrastructure as a Service) provides virtualized compute, storage, and networking resources. The customer manages the OS, applications, and data. Examples: AWS EC2, Azure VMs, Google Compute Engine. The provider manages physical hardware, hypervisors, and basic networking. Use IaaS when you need full OS control but don't want physical hardware.

PaaS (Platform as a Service) provides a managed platform for deploying applications. The provider manages the OS and runtime environment; the customer manages applications and data. Examples: AWS Elastic Beanstalk, Azure App Service, Google App Engine, Heroku. Use PaaS when you want to deploy code without managing servers.

SaaS (Software as a Service) provides fully managed applications delivered over the internet. The customer only manages their data and user settings. Examples: Microsoft 365, Google Workspace, Salesforce, Dropbox. The provider manages everything else. Use SaaS when you need ready-to-use applications without any infrastructure management.

Cloud Deployment Models

Public cloud resources are owned and operated by a third-party provider, shared among multiple customers (multi-tenant), and accessed via the internet. Lower cost, high scalability, no capital expenditure. Examples: AWS, Azure, Google Cloud.

Private cloud is dedicated infrastructure operated for a single organization — either on-premises or hosted. More control, better security compliance, higher cost. Used by regulated industries (healthcare, finance) needing data sovereignty.

Hybrid cloud combines public and private cloud, connected by secure links (VPN or dedicated circuits like AWS Direct Connect or Azure ExpressRoute). Enables 'cloud bursting' — using public cloud for overflow capacity while keeping sensitive data on-premises.

Community cloud is shared infrastructure for a specific community with common requirements (e.g., government agencies, healthcare organizations). Less common but explicitly listed in Network+ exam objectives.

Cloud Networking Concepts

Virtual Private Cloud (VPC) / Virtual Network (VNet): a logically isolated network within the public cloud where you control IP address ranges, subnets, routing, and security groups. Cloud gateways provide connectivity between on-premises networks and cloud VPCs — internet gateways for public access, VPN gateways for encrypted tunnels, and dedicated circuit options for private connectivity.

Elastic/scalable networking: cloud resources scale automatically based on demand. Load balancers distribute traffic across cloud instances. Content Delivery Networks (CDNs) cache content geographically close to users to reduce latency. SD-WAN (Software-Defined WAN) is increasingly used to optimize connectivity between branches and cloud resources.

The Shared Responsibility Model defines security obligations: the cloud provider is always responsible for physical infrastructure; the customer is always responsible for data and access management. The boundary for OS and application responsibility shifts depending on the service model (IaaS: customer owns OS; PaaS: provider owns OS; SaaS: provider owns everything above infrastructure).

Cloud Service Model Responsibility

Responsibility	IaaS	PaaS	SaaS
Physical hardware	Provider	Provider	Provider
Hypervisor/network	Provider	Provider	Provider
Operating system	Customer	Provider	Provider
Runtime/middleware	Customer	Provider	Provider
Application	Customer	Customer	Provider
Data	Customer	Customer	Customer
Access control	Customer	Customer	Customer

Key exam facts — Network+

IaaS = customer manages OS and up; PaaS = customer manages app and data; SaaS = customer manages only data
Public cloud = multi-tenant, shared infrastructure; private cloud = dedicated, single organization
Hybrid cloud connects on-premises to public cloud via VPN or dedicated circuit
VPC/VNet = isolated virtual network within public cloud
CDN reduces latency by caching content at geographically distributed edge locations
Shared responsibility: provider always owns physical; customer always owns their data
Cloud bursting = using public cloud for overflow capacity from private cloud

Common exam traps

SaaS gives customers full control of the application

SaaS customers control only their data and user-level settings — the provider controls the application, runtime, OS, and hardware

Private cloud means on-premises

Private cloud can be hosted by a third-party provider but is dedicated exclusively to one organization — 'private' refers to single-tenancy, not physical location

Cloud networks are automatically secure

Cloud providers secure the physical infrastructure, but customers must configure security groups, network ACLs, encryption, and access controls — security is a shared responsibility

Practice questions — Cloud Concepts

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1.A company wants to use a cloud service where they deploy their own code but do not manage the operating system or server infrastructure. Which cloud model best fits this requirement?

A.IaaS

B.PaaS

C.SaaS

D.Private cloud

Explanation: PaaS (Platform as a Service) provides a managed environment where customers deploy their applications without managing the OS or underlying infrastructure. The provider manages the runtime, OS, and hardware. IaaS requires managing the OS; SaaS provides ready-made applications with no deployment needed.

Q2.Which cloud deployment model provides resources shared between multiple organizations that have common requirements, such as government agencies?

A.Public cloud

B.Private cloud

C.Hybrid cloud

D.Community cloud

Explanation: A community cloud is shared infrastructure provisioned for exclusive use by a specific community of organizations with shared concerns (e.g., compliance requirements, mission, or security policy). Government agencies sharing a cloud deployment is the classic example. Public cloud is open to all; private is for one organization; hybrid combines private and public.

Frequently asked questions — Cloud Concepts

What is the difference between cloud and virtualization?

Virtualization is the technology that creates virtual versions of compute, storage, or network resources on physical hardware. Cloud is a delivery model for consuming those virtualized resources — typically self-service, on-demand, scalable, and metered. You can have virtualization without cloud (a VMware lab), but cloud relies on virtualization underneath.

What cloud topics are specifically tested on Network+ N10-009?

Network+ tests: service models (IaaS/PaaS/SaaS), deployment models (public/private/hybrid/community), cloud networking concepts (VPC, cloud gateways, VPN connectivity), shared responsibility model, and cloud-specific devices (virtual firewalls, software-defined networking, cloud load balancers). Not tested: deep AWS/Azure/GCP configuration — that is Cloud+ territory.

Practice this topic

Network+practice questions

Test yourself on Cloud Concepts

JT Exams routes you to questions in your exact weak areas — automatically, after every session.

Free practice test Start 7-Day Free Trial

No credit card · Cancel anytime