Cloud shows up on the CompTIA A+ 220-1101 exam because techs face it every day. In simple terms, a cloud is a way to run computing resources over a network instead of on a local device. Objective 4.2 tests whether you can describe where cloud resources live and what the provider manages for you.
In this section, you'll learn to tell deployment models apart: private cloud (one organization), public cloud (shared provider), hybrid cloud (a mix of private and public), and community cloud (shared by groups with similar needs). That matters when you're asked where an app should run, why data can't leave a private environment, or how to connect on-prem systems to cloud services.
You'll also map service models to real support work. IaaS covers virtual servers, storage, and networks; SaaS delivers ready-to-use apps; PaaS provides a managed platform for building and deploying software. After reading, you should be able to explain user access options, plus who's responsible for updates, backups, and security in each model.

Start with the big picture, deployment models explain where the cloud runs
Before you sort out IaaS, PaaS, and SaaS, get clear on deployment models. A deployment model answers a basic question: where does the cloud actually run, and who shares it? On the CompTIA A+ exam, this often shows up as short scenarios about data ownership, compliance limits, cost, and how quickly a business needs to scale.
Think of deployment models like housing options. Some teams want a private home with strict rules. Others prefer an apartment building with shared services and quick move-in. Many businesses end up with a mix, because real requirements rarely fit one box.
Private cloud, cloud services built for one organization
A private cloud runs cloud-style services for one organization. That single organization controls the environment's policies, access, and security design. In other words, you get cloud features (self-service, pooled resources, automation) without sharing the underlying cloud with other companies.
Location can vary. A private cloud can live on-premises in your own data center, or it can be hosted by a provider in their facility. The key point is not the building. The key point is single organization control and dedicated use.
Teams choose private cloud for practical reasons:
- Control and customization: You can tune network rules, segmentation, logging, and change windows to match internal standards.
- Data rules: Some data sets must stay in a tightly governed environment for legal or contract reasons.
- Integration needs: Legacy apps sometimes require specific network designs or older dependencies.
However, tradeoffs matter. Private cloud usually costs more because you pay for dedicated hardware, licensing, and space. You also need staff time for patching, capacity planning, monitoring, and incident response. Scaling can be slower too, since you can't instantly add a new data center when demand spikes.
A beginner-friendly example is an internal VM farm that your company runs on a large virtualization cluster (for example, a VMware or Hyper-V environment) with a self-service portal for teams. It behaves like "cloud" internally, but it still belongs to one company.
Private cloud usually means more control, but also more responsibility.
Exam clue: Look for "single-tenant," "dedicated," or "for one organization."
Public cloud, shared provider infrastructure with fast scale
A public cloud is owned and operated by a third-party provider. Multiple customers use the same provider infrastructure, while the provider keeps each customer separated through logical controls. This is the multi-tenant idea. You can picture it like a secure apartment building: many renters share the building, but each unit has its own locks and boundaries.
In a public cloud, the provider supplies the big building blocks:
- Data centers, power, cooling, and physical security
- Core networking and internet connectivity
- A catalog of services (compute, storage, databases, identity tools, monitoring)
The main benefits tend to show up quickly. First, you can provision resources in minutes, not weeks. Second, costs often follow a pay-as-you-go model, which helps when demand changes. Third, large providers offer global regions, so you can serve users closer to where they live.
Still, there are common concerns you should recognize for exam questions and real support work. Because the environment is shared, you must plan security and compliance carefully. Internet reliance also matters, because outages or poor connectivity can block access to apps and data. In addition, regulated organizations often need clear documentation about where data resides and how it is protected.
A simple example is hosting a public website on cloud virtual machines and object storage. Another everyday example is cloud email (like a provider-hosted mail platform) where the vendor runs the servers and your company manages users and settings.
Exam clue: Watch for "third-party provider," "shared resources," or "multi-tenant."
Hybrid cloud, mixing private and public to meet real-world needs
A hybrid cloud combines more than one deployment model, usually private and public, in an integrated way. Integration is the key word. Hybrid does not mean "some computers are local and we also use a website." It means systems connect and work together across environments, often through VPNs, dedicated links, synced identity, and coordinated security rules.
Hybrid exists because many organizations have mixed priorities. They may need strong control for sensitive data, yet still want the speed and scale of a public provider. Common drivers include:
- Keep sensitive data private: Store regulated records in a private environment, while still using public cloud tools for other workloads.
- Burst capacity: Run normal workloads privately, then add public compute during peak demand.
- Phased migration: Move one app at a time, rather than switching everything in one weekend.
- Backup and disaster recovery: Replicate backups to public cloud storage, or fail over to public resources during an outage.
A simple diagram description in words looks like this: the customer database stays in the private cloud, while the web front end runs in the public cloud. The web tier connects to the database through a secured link, and both use the same identity system for access control.
Hybrid can confuse test-takers because it sounds like other terms. One common trap is mixing up hybrid and multi-cloud. Multi-cloud means using more than one public cloud provider (for example, Provider A plus Provider B). Hybrid means mixing types (private plus public), whether you use one provider or many.
If the scenario stresses "integration between private and public," think hybrid. If it stresses "two public providers," think multi-cloud.
Exam trap to avoid: "We have desktops on-site and we use SaaS" is not hybrid by itself. Look for connected workloads across private and public environments.
Community cloud, shared by organizations with the same mission or rules
A community cloud is shared by a defined group of organizations with common needs. These needs often relate to policy, security, data handling, or mission. Unlike the broad public cloud, the community is limited to approved members.
You can think of it like a shared facility built for a specific type of tenant. For example, a group of schools might need the same student data protections. A set of hospitals might align on healthcare privacy rules. Local government agencies may share retention policies and auditing practices.
Management varies based on the agreement. A community cloud can be managed by:
- One member organization that hosts and operates the environment
- A third party that runs it for the group
- Shared governance, where members define standards and share oversight
Community cloud is chosen because it spreads costs across members while keeping policies consistent. It also simplifies compliance work when everyone follows the same baseline controls and reporting.
One scenario: Several city departments (public works, library services, and permitting) share a community cloud managed by a regional IT authority. They use the same identity system, logging standards, and data retention rules, which reduces duplicate effort.
Exam clue: Look for "group of organizations" and "shared compliance requirements."
Service models tell you who manages what, IaaS vs PaaS vs SaaS
Cloud service models explain the split of responsibility between you and the provider. That split matters on the CompTIA A+ 220-1101 exam because many questions are really asking, "Who patches this?" or "Who secures that?" If you can name what the vendor runs versus what you must configure, you can solve most scenarios quickly.
A simple way to remember it is to think in layers. As you move from IaaS to PaaS to SaaS, the provider manages more layers. In exchange, you give up some control.
IaaS, you rent the hardware, you still manage the OS and apps
With Infrastructure as a Service (IaaS), the provider supplies the building blocks of a data center, but you still run your server. In practice, this usually means virtual machines that you create and manage.