3.6

Question 1

What is HA Across Zones?

Answer 1

-Availability Zones (AZ)
-Isolated locations within a cloud region (geographical location)
–AZ commonly spans across multiple regions
–Each AZ has independent power, HVAC, and networking

-Build applications to be Highly Available (HA)
–Run as active/standby or active/active
–Application recognizes an outage and moves to the other AZ

-Use load balancers to provide seamless HA
–Users don’t experience any application issues

Question 2

What is Key Management?

Answer 2

-The process of managing encryption keys and/or digital certificates using a defined policy and procedure. Elements often include key creation, Key storage, Key Use limitations, and key destruction.

Question 3

What is a CA?

Answer 3

-Certificate Authority

-An issuer of digital certificates (which are then used for digital signatures or key pairs)

Question 4

What is an Intermediate CA?

Answer 4

-Any certificate authority (CA) positioned below a root or another CA, but above any leaf CAs. AKA Subordinate CA.

Question 5

What is a Registration Authority?

Answer 5

-An organization that offloads some of the work from a certificate authority. An RA system operates as a middleman in the process. The RA can distribute cryptography keys, accept registrations for the CA, and validate identities. The RA doesn’t issue certificates; that responsibility remains with the CA.

Question 6

What is a CRL?

Answer 6

-Certificate Revocation List

(Certificate revocation is the act of making a certificate invalid)

-A list of digital certificate revocations that must be regularly downloaded to stay current