DDoS Architecture Patterns
RCCE students will learn distributed denial of service attack types, detection, and mitigation including volumetric attacks, protocol attacks, application-layer attacks, and DDoS response procedures. RCCE students will learn to classify DDoS attack types by vector and layer, implement DDoS mitigation architectures using CDNs, scrubbing centers, and cloud-based protection services, configure rate limiting and traffic shaping, detect DDoS attacks through traffic analysis and anomaly detection, execute DDoS response procedures during active attacks, conduct post-attack analysis, and design resilient architectures that maintain availability during DDoS campaigns. This architecture course teaches secure system design using proven patterns, guardrails, and reference architectures. At an expert level, RCCE students will learn to evaluate design options against security requirements, make informed trade-off decisions, and build systems that are resilient by design. Students gain the architectural thinking skills needed for security engineering and solution design roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing DDoS Architecture Patterns
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for learning objectives — covering Volumetric, protocol, application-layer, vectors to OSI layers.
- Design a scalable privilege management architecture with policy and enforcement, including CDN-based absorption, and Scrubbing center integration.
- Execute hands-on tasks for classify ddos attack types — covering Volumetric, protocol, application-layer, vectors to OSI layers.
- Execute hands-on tasks for configure traffic controls — covering Rate limiting policies, Traffic shaping algorithms.
- Build detections and response workflows for privilege escalation, including Active attack detection, and Incident response playbooks.
- Execute hands-on tasks for the ddos threat landscape
- Execute hands-on tasks for multi-vector attacks
- Execute hands-on tasks for largest recorded attack
- Execute hands-on tasks for avg cost per hour downtime
- Execute hands-on tasks for evolving threat — covering IoT botnets expanding attack surface, DDoS-for-hire commoditizing attacks.
- Execute hands-on tasks for business impact — covering Revenue loss during outages, Brand and reputation damage.
| Module 01 | DDoS Architecture Patterns |
| Module 02 | Learning Objectives |
| Module 03 | Implement Mitigation Architectures |
| Module 04 | Classify DDoS Attack Types |
| Module 05 | Configure Traffic Controls |
| Module 06 | Execute Response Procedures |
| Module 07 | The DDoS Threat Landscape |
| Module 08 | Multi-Vector Attacks |
| Module 09 | Largest Recorded Attack |
| Module 10 | Avg Cost Per Hour Downtime |
| Module 11 | Evolving Threat |
| Module 12 | Business Impact |
| Module 13 | Measured in Gbps/Tbps |
| Module 14 | Attack Vector |
All hands-on labs run on Rocheston Rose X OS. Students practice ddos architecture patterns by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Design a scalable privilege management architecture with policy and enforcement
- Lab 2: Execute hands-on tasks for learning objectives
- Lab 3: Design a scalable privilege management architecture with policy and enforcement
- Lab 4: Execute hands-on tasks for classify ddos attack types
- Lab 5: Execute hands-on tasks for configure traffic controls
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for DDoS Architecture Patterns, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI