HashiCorp HCVA0-003 - HashiCorp Certified: Vault Associate (003) Exam
You want to generate a token with a TTL of 24 hours which can be renewed indefinitely.
Which flag would you use on the following command?
vault token create
You need to manage access to Vault secrets engines for users that will have multiple accounts with various identity providers with which they will authenticate to Vault, such as GitHub, LDAP, Active Directory, etc.
What would allow them to have a single set of policies across all of these identity providers for each user?
Security requirements demand that no secrets appear in the shell history. Which command does not meet this requirement?
A system starts up 1000+ containers, all requiring connection to Vault upon its initial setup.
Which strategy will reduce I/O traffic to the storage backend?
You can build a high availability Vault cluster with any storage backend.
The key/value v2 secrets engine is enabled at secret/ See the following policy:

Which of the following operations are permitted by this policy? Choose two correct answers.
Where does the Vault Agent store its cache?
The base namespace for HCP Vault Dedicated clusters is admin.
Which of the following is a reason to rekey a Vault cluster?
Pick the 2 correct responses below.
A user issues the following cURL command to encrypt data using the transit engine and the Vault AP:

Which payload.json file has the correct contents?




