Journal of Information Security Research Farhan Nisar, Baseer Ali Rehman, Sana Shafiq, Shum Yee Chan, Rabina Safi 16 4 2025 https://doi.org/10.6025/jisr/2025/16/4/137-149 https://www.dline.info/jisr/fulltext/v16n4/jisrv16n4_1.pdf The document examines cloud computing security challenges, emphasizing that misconfigurations, weak identity controls, insecure APIs, and DoS/DDoS attacks are among the most critical vulnerabilities in modern cloud environments. It highlights that human error not platform flaws is the primary cause of breaches, underscoring the need for robust policy based defenses. The study's main contribution involves analyzing various DoS attack types (volumetric, protocol based, and application layer), enhancing edge router security through ACLs, rate limiting, and deep packet inspection, and validating these measures in a GNS3 network simulation environment. Key experiments demonstrate that disabling Cisco Discovery Protocol (CDP), enabling DHCP snooping, and applying port security effectively mitigate ICMP floods, rogue DHCP servers, and reconnaissance threats. The paper validates established best practices such as those from Cisco rather than proposing novel cryptographic or architectural solutions. While results show 100% mitigation of specific attacks under controlled conditions, limitations include the lack of real world deployment, the absence of AI despite the title's implication, a narrow threat scope, and a simplified network topology. Future work recommends testing in live multi cloud infrastructures, integrating AI driven anomaly detection for adaptive policy enforcement, and developing context aware threat models for hybrid cloud ecosystems. Overall, the research provides practical, simulation backed evidence that foundational Layer 2/3 security configurations significantly improve resilience against common network layer threats in cloud infrastructures.