diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md
index 5c829a940..15a166e0f 100644
--- a/infra-as-code/bicep/modules/hubNetworking/README.md
+++ b/infra-as-code/bicep/modules/hubNetworking/README.md
@@ -10,7 +10,7 @@ Module deploys the following resources:
 - Azure Firewall
 - Azure Firewall Policies
 - Private DNS Zones
-- DDos Standard Plan
+- DDoS Network Protection Plan
 - Bastion
 - Route Table
diff --git a/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep b/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep
index 652719890..84c85a4fe 100644
--- a/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep
+++ b/infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep
@@ -48,7 +48,7 @@ param parAzBastionSku string = 'Standard'
 @description('NSG Name for Azure Bastion Subnet NSG. Default: nsg-AzureBastionSubnet')
 param parAzBastionNsgName string = 'nsg-AzureBastionSubnet'
-@description('Switch to enable/disable DDoS Standard deployment. Default: true')
+@description('Switch to enable/disable DDoS Network Protection deployment. Default: true')
 param parDdosEnabled bool = true
 @description('DDoS Plan Name. Default: {parCompanyPrefix}-ddos-plan')
diff --git a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md
index 21d362332..88c0f17b0 100644
--- a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md
+++ b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md
@@ -29,9 +29,9 @@ The module does not generate any outputs.
 > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice.
-> **Important:** If you decide to not use a DDoS Standard plan in your environment and therefore leave the parameter `parDdosProtectionPlanId` as an empty string (`''`) then the policy Enable-DDoS-VNET will not be assigned at connectivity or landing zone Management Groups to avoid VNET deployment issues. For deployment in Azure China, leave the parameter `parDdosProtectionPlanId` as an empty string (`''`) because the DDoS Protection feature is not available in Azure China.
+> **Important:** If you decide to not use a DDoS Network Protection plan in your environment and therefore leave the parameter `parDdosProtectionPlanId` as an empty string (`''`) then the policy Enable-DDoS-VNET will not be assigned at connectivity or landing zone Management Groups to avoid VNET deployment issues. For deployment in Azure China, leave the parameter `parDdosProtectionPlanId` as an empty string (`''`) because the DDoS Protection feature is not available in Azure China.
 >
-> However, if you later do decide to deploy an DDoS Standard Plan, you will need to remember to come back and update the parameter `parDdosProtectionPlanId` with the resource ID of the DDoS Standard Plan to ensure the policy is applied to the relevant Management Groups. You can then use a policy [remediation task](https://docs.microsoft.com/azure/governance/policy/how-to/remediate-resources) to bring all non-compliant VNETs back into compliance, once a [compliance scan](https://docs.microsoft.com/azure/governance/policy/how-to/get-compliance-data#evaluation-triggers) has taken place.
+> However, if you later do decide to deploy an DDoS Network Protection Plan, you will need to remember to come back and update the parameter `parDdosProtectionPlanId` with the resource ID of the DDoS Network Protection Plan to ensure the policy is applied to the relevant Management Groups. You can then use a policy [remediation task](https://docs.microsoft.com/azure/governance/policy/how-to/remediate-resources) to bring all non-compliant VNETs back into compliance, once a [compliance scan](https://docs.microsoft.com/azure/governance/policy/how-to/get-compliance-data#evaluation-triggers) has taken place.
 ### Azure CLI
diff --git a/infra-as-code/bicep/modules/policy/assignments/lib/china/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json b/infra-as-code/bicep/modules/policy/assignments/lib/china/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json
index 5463b8605..631e91477 100644
--- a/infra-as-code/bicep/modules/policy/assignments/lib/china/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json
+++ b/infra-as-code/bicep/modules/policy/assignments/lib/china/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json
@@ -22,4 +22,4 @@
 "identity": {
 "type": "SystemAssigned"
 }
-}
\ No newline at end of file
+}
diff --git a/infra-as-code/bicep/modules/policy/assignments/lib/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json b/infra-as-code/bicep/modules/policy/assignments/lib/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json
index 5463b8605..631e91477 100644
--- a/infra-as-code/bicep/modules/policy/assignments/lib/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json
+++ b/infra-as-code/bicep/modules/policy/assignments/lib/policy_assignments/policy_assignment_es_enable_ddos_vnet.tmpl.json
@@ -22,4 +22,4 @@
 "identity": {
 "type": "SystemAssigned"
 }
-}
\ No newline at end of file
+}
diff --git a/infra-as-code/bicep/modules/vwanConnectivity/README.md b/infra-as-code/bicep/modules/vwanConnectivity/README.md
index a0e702d18..37823df61 100644
--- a/infra-as-code/bicep/modules/vwanConnectivity/README.md
+++ b/infra-as-code/bicep/modules/vwanConnectivity/README.md
@@ -10,7 +10,7 @@ Module deploys the following resources which can be configured by parameters:
 - ExpressRoute Gateway
 - Azure Firewall
 - Azure Firewall policy
-- DDoS Standard Plan
+- DDoS Network Protection Plan
 - Private DNS Zones - Details of all the Azure Private DNS zones can be found here --> [https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-dns#azure-services-dns-zone-configuration](https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-dns#azure-services-dns-zone-configuration)
 ## Parameters
diff --git a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep
index 25f85dab2..1f1fe2af5 100644
--- a/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep
+++ b/infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep
@@ -61,7 +61,7 @@ param parVpnGatewayScaleUnit int = 1
 @description('The scale unit for this ExpressRoute Gateway: Default: 1')
 param parExpressRouteGatewayScaleUnit int = 1
-@description('Switch to enable/disable DDoS Standard deployment. Default: true')
+@description('Switch to enable/disable DDoS Network Protection deployment. Default: true')
 param parDdosEnabled bool = true
 @description('DDoS Plan Name. Default: {parCompanyPrefix}-ddos-plan')