ExamGecko
Search Search Login
Home Home / HashiCorp / Vault Associate 002
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What does the following policy do?
A developer mistakenly committed code that contained AWS S3 credentials into a public repository. You have been tasked with revoking the AWS S3 credential that was in the code. This credential was created using Vault's AWS secrets engine and the developer received the following output when requesting a credential from Vault. Which Vault command will revoke the lease and remove the credential from AWS?
Use this screenshot to answer the question below: Where on this page would you click to view a secret located at secret/my-secret?
The Vault encryption key is stored in Vault's backend storage.
Where can you set the Vault seal configuration? Choose two correct answers.
When unsealing Vault, each Shamir unseal key should be entered:
Your organization has an initiative to reduce and ultimately remove the use of long lived X.509 certificates. Which secrets engine will best support this use case?
What can be used to limit the scope of a credential breach?
To give a role the ability to display or output all of the end points under the /secrets/apps/* end point it would need to have which capability set?
When looking at Vault token details, which key helps you find the paths the token is able to access?

Question 57 - Vault Associate 002 discussion

Report
Export

A developer mistakenly committed code that contained AWS S3 credentials into a public repository. You have been tasked with revoking the AWS S3 credential that was in the code. This credential was created using Vault's AWS secrets engine and the developer received the following output when requesting a credential from Vault.

Which Vault command will revoke the lease and remove the credential from AWS?

A.
vault lease revoke aws/creds/s3-access/f3e92392-7d9c-99c8-c921-57Sd62fe89d8
Answers
A.
vault lease revoke aws/creds/s3-access/f3e92392-7d9c-99c8-c921-57Sd62fe89d8
B.
vault lease revoke AKIAI0WQXTLW36DV7IEA
Answers
B.
vault lease revoke AKIAI0WQXTLW36DV7IEA
C.
vault lease revoke f3e92392-7d9c-O9c8-c921-575d62fe80d8
Answers
C.
vault lease revoke f3e92392-7d9c-O9c8-c921-575d62fe80d8
D.
vault lease revoke access_key-AKIAI0WQXTLW36DV7IEA
Answers
D.
vault lease revoke access_key-AKIAI0WQXTLW36DV7IEA
Suggested answer: A

Explanation:

The correct answer is A because the lease ID is the unique identifier for the credential. The lease ID is used to revoke the credential using the vault lease revoke command. This command will invalidate the credential immediately and prevent any further renewals.It will also delete the access key and secret key from AWS, rendering them useless1. The access key and secret key are not sufficient to revoke the credential, as they are not recognized by Vault. The lease ID is composed of the path of the secrets engine, the role name, and a random UUID. In this case, the path is aws/creds, the role name is s3-access, and the UUID is f3e92392-7d9c-99c8-c921-57Sd62fe89d8.

lease revoke - Command | Vault | HashiCorp Developer

Show Answer
asked 18/09/2024
Kefash White
40 questions
PreviousPrevious
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms