Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

HashiCorp VA-002-P - HashiCorp Certified: Vault Associate

HashiCorp VA-002-P Premium Access     Download Demo    
Page: 1 / 6
Total 200 questions

In regards to deploying resources in multi-cloud environments, what are some of the benefits of using Terraform rather than a provider's native tooling? (select three)

A.

Terraform simplifies management and orchestration, helping operators build large-scale, multi-cloud infrastructure

B.

Terraform can help businesses deploy applications on multiple clouds and on-premises infrastructure

C.

Terraform can manage cross-cloud dependencies

D.

Terraform is not cloud-agnostic and can be used to deploy resources across a single public cloud

Terraform Cloud is more powerful when you integrate it with your version control system (VCS) provider. Select all the supported VCS providers from the answers below. (select four)

A.

CVS Version Control

B.

GitHub Enterprise

C.

Bitbucket Cloud

D.

Azure DevOps Server

E.

GitHub

Which of the following best describes the storage backend?

A.

configures client interaction with a cloud storage service, such as Amazon S3

B.

configures the location for storage of Vault data

C.

selects the type of storage the Vault node runs on, such as SSD or traditional spinning hard drive

D.

Encrypts the hard drives of the server which Vault is running on

After running into issues with Terraform, you need to enable verbose logging to assist with troubleshooting the error. Which of the following values provides the MOST verbose logging?

A.

ERROR

B.

INFO

C.

DEBUG

D.

WARN

E.

TRACE

True or False:

When using the transit secrets engine, setting the min_decryption_version will determine the minimum key length of the data key (i.e., 2048, 4096, etc.)

A.

False

B.

True

Vault secrets engines are used to do what with data? (select three)

A.

copy

B.

generate

C.

store

D.

transmit

E.

encrypt

What is the proper command to enable the AWS secrets engine at the default path?

A.

vault enable secrets aws

B.

vault secrets aws enable

C.

vault secrets enable aws

D.

vault enable aws secrets engine

You've decided to use AWS KMS to automatically unseal Vault on private EC2 instances. After deploying your Vault cluster, and running vault operator init, Vault responds with an error and cannot be unsealed.

You've determined that the subnet you've deployed Vault into doesn't have internet access. What can you do to enable Vault to communicate with AWS KMS in the most secure way?

A.

ask the networking team to provide Vault with inbound access from the internet

B.

deploy Vault in a public subnet and provide the Vault nodes with public IP addresses

C.

add a VPC endpoint

D.

change the permissions on the Internet Gateway to allow the Vault nodes to communicate over the Internet

Which of the following commands will launch the Interactive console for Terraform interpolations?

A.

terraform

B.

terraform console

C.

terraform cmdline

D.

terraform cli

What is the purpose of using the local-exec provisioner? (select two)

A.

ensures that the resource is only executed in the local infrastructure where Terraform is deployed

B.

to execute one or more commands on the machine running Terraform

C.

to invoke a local executable

D.

executes a command on the resource to invoke an update to the Terraform state