Page 1 out of 10. Viewing questions 1-10 out of 93
Question 1
Which statement describes the results of this command: vault kv list secret/test?
A. Check the status of a specific key/value secrets engine
B. List the existing key names at the secret/test path
C. Output all key/value secrets engines
D. Output all key names from all key/value secrets engine
Answer:
b
User Votes:
A
50%
B 1 votes
50%
C
50%
D
50%
Discussions
0/ 1000
Question 2
Which of these options does not allow the creation of a root token?
A. By using batch tokens
B. By using another root token
C. The initial root token generated at the vault operator init time
D. By using vault operator generate-root with the permission of a quorum of unseal key holders
Answer:
a
User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 3
Which of the following storage backends supports high availability?
A. Azure Storage Container
B. Manta
C. Amazon S3
D. Consul
Answer:
d
User Votes:
A
50%
B
50%
C 1 votes
50%
D 1 votes
50%
Discussions
0/ 1000
Question 4
Which is not true of Vault tokens?
A. Vault tokens are the core method for authentication in Vault
B. Vault tokens are generated by every authentication method login
C. Vault tokens map to information including polices the token holder has, TTL and max usage, metadata, creation and last renewal time, and more
D. Vault tokens are required for every Vault call
Answer:
d
User Votes:
A
50%
B
50%
C 1 votes
50%
D 1 votes
50%
Discussions
0/ 1000
Question 5
Which of the following are replication methods available in Vault Enterprise? (Choose two.)
A. Cluster sharding
B. Namespaces
C. Performance Replication
D. Disaster Recovery Replication
Answer:
cd
User Votes:
A
50%
B 1 votes
50%
C
50%
D
50%
Discussions
0/ 1000
Question 6
Which of the following statements are true about Vault policies? (Choose two.)
A. The default policy can not be modified
B. You must use YAML to define policies
C. Policies provide a declarative way to grant or forbid access to certain paths and operations in Vault
D. Vault must be restarted in order for a policy change to take an effect
E. Policies deny by default (empty policy grants no permission)
Answer:
ce
User Votes:
A
50%
B
50%
C 1 votes
50%
D
50%
E 1 votes
50%
Discussions
0/ 1000
Question 7
What information is required to revoke a Vault lease?
A. Secret ID
B. User ID
C. Lease ID
D. Token ID
Answer:
c
User Votes:
A
50%
B
50%
C 1 votes
50%
D
50%
Discussions
0/ 1000
Question 8
Why might an application be mapped to an identity entity?
A. To prohibit Vault administrators from revoking tokens associated with that application
B. To get around cloud license limitations
C. To allow an application deployed with multiple authentication methods have a consistent set of policies
D. To allow the same application in one cloud to access already provisioned Vault tokens for that application in another cloud
Answer:
c
User Votes:
A
50%
B
50%
C 1 votes
50%
D
50%
Discussions
0/ 1000
Question 9
You manage two Vault dusters: vaultduster1.acme.corp and vaultduster2.acme.corp. You want to write a secret to the first Vaultcluster vaultcluster1.acme.corp and run vault kv put secret/foo value=bar. The command times out and the error references the Vault cluster, vaultcluster2.acme.corp. You run the command again with the following address flag: vault kv put -address=https://vaultcluster1.acme.corp secret/foo value=bar The command completes successfully. You find that the terminal session defines the environment variable VAULT_ADDR=https://vaultcluster2.acxe.corp:8200 Why was the second attempt successful?
A. Environment variables take precedence over flags
B. VAULT_CLUSTER_ADDR needs to be provided
C. Flags take precedence over environment variables
D. Vault listener is misconfigured
Answer:
c
User Votes:
A
50%
B
50%
C
50%
D 1 votes
50%
Discussions
0/ 1000
Question 10
Where can you set the Vault seal configuration? (Choose two.)