HashiCorp HCVA0-003 - HashiCorp Certified: Vault Associate (003) Exam
Which of the following auth methods are intended for machine-to-machine authentication, and not necessarily human (operator) authentication? (Select four)
Which of the following best describes response wrapping?
Although batch and service tokens share many characteristics, which of the following are true only about batch tokens? (Select three)
True or False? The root and default policies can be deleted if they are not needed or being used.
Short-lived, dynamically generated secrets provide organizations with many benefits. Select the benefits from the options below. (Select four)
What command can be used to revoke all leases associated with a database role named prod-mysql?
Tanner manages a data processing application and needs to be sure the data being processed is encrypted so it is securely stored post-processing. Which secrets engines can encrypt data? (Select three)
Jarrad is an AWS engineer and has provisioned a new EC2 instance running MySQL since his application requires a specific MySQL version. He wants to integrate Vault into his workflow but is new to Vault. What secrets engine should Jarrad use to integrate this new database running in AWS?
True or False? The following policy permits a user to read secrets contained in the path secrets/cloud/apps/jenkins?
text
CollapseWrapCopy
path " secrets/cloud/apps/jenkins/* " {
capabilities = [ " create " , " read " , " update " , " delete " , " list " ]
}
You have ciphertext stored in an Amazon S3 bucket encrypted by the key named prod-customer. Will Vault decrypt this data with the command vault write transit/decrypt/prod-customer ciphertext= " vault:v4:Xa1f9FIJtn13em/Wb7QCsXsU/kCOn7... " given this output?
$ vault read transit/keys/prod-customer
Key Value
--- -----
...
keys map[4:1549347108 5:1549347109 6:1549347110]
latest_version 6
min_available_version 0
min_decryption_version 4
min_encryption_version 0
Will Vault decrypt this data for you by running the following command?
$ vault write transit/decrypt/prod-customer ciphertext= " vault:v4:Xa1f9FIJtn13em/Wb7QCsXsU/kCOn7... "
