ExamGecko
Search Search Login
Home Home / HashiCorp / Vault Associate 002
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A developer mistakenly committed code that contained AWS S3 credentials into a public repository. You have been tasked with revoking the AWS S3 credential that was in the code. This credential was created using Vault's AWS secrets engine and the developer received the following output when requesting a credential from Vault. Which Vault command will revoke the lease and remove the credential from AWS?
Use this screenshot to answer the question below: Where on this page would you click to view a secret located at secret/my-secret?
The Vault encryption key is stored in Vault's backend storage.
When unsealing Vault, each Shamir unseal key should be entered:
What can be used to limit the scope of a credential breach?
What does the following policy do?
When looking at Vault token details, which key helps you find the paths the token is able to access?
Which statement describes the results of this command: $ vault secrets enable transit
An authentication method should be selected for a use case based on:
Where can you set the Vault seal configuration? Choose two correct answers.

Question 35 - Vault Associate 002 discussion

Report
Export

Where can you set the Vault seal configuration? Choose two correct answers.

A.
Cloud Provider KMS
Answers
A.
Cloud Provider KMS
B.
Vault CLI
Answers
B.
Vault CLI
C.
Vault configuration file
Answers
C.
Vault configuration file
D.
Environment variables
Answers
D.
Environment variables
E.
Vault API
Answers
E.
Vault API
Suggested answer: C, D

Explanation:

The Vault seal configuration can be set in two ways: through the Vault configuration file or through environment variables. The Vault configuration file is a text file that contains the settings and options for Vault, such as the storage backend, the listener, the telemetry, and the seal. The seal stanza in the configuration file specifies the seal type and the parameters to use for additional data protection, such as using HSM or Cloud KMS solutions to encrypt and decrypt the root key. The seal configuration can also be set through environment variables, which will take precedence over the values in the configuration file. The environment variables are prefixed with VAULT_SEAL_ and followed by the seal type and the parameter name. For example, VAULT_SEAL_AWSKMS_REGION sets the region for the AWS KMS seal.Reference:Seals - Configuration | Vault | HashiCorp Developer,Environment Variables | Vault | HashiCorp Developer

Show Answer
asked 18/09/2024
Gary Corley
38 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms