Consul Associate exam

Your colleague has deployed a new Consul cluster, and you want to double-check the encryption key used for gossip communication. You open up an SSH session to a Consul node and type the command consul keyring -list but receive the following error. From the error message below, what is missing...

You have deployed a new Consul cluster to be used for service discovery between your microservices for a new application. In the configuration file, as shown below, you have enabled ACLs and bootstrapped the ACL system. However, clients are still being permitted to read and write to the ACL system...

True or False? After executing the command below, the two registered services (front-end & inventory) will be able to communicate, assuming all other configurations are correct? consul intention create front-end inventoryA . True B. FalseView AnswerAnswer: A Explanation: When creating an intention, the default action is Allow, therefore the configuration...

In most organizations, a service will be run on multiple nodes to provide redundancy and high availability. In the following example, what is the name of the Consul service that this service definition will create? A . web-frontend B. green C. web-server-health D. web-aView AnswerAnswer: A Explanation: The service definition...

The LAN gossip pool provided by Serf requires that all cluster members (servers and clients) can communicate over what tcp/udp port, by default?A . 8301 B. 8300 C. 8500 D. 8600View AnswerAnswer: A Explanation: LAN Serf: The Serf LAN port (TCP and UDP) requires port 8301. This port is used...

In the Enterprise offering of Consul, a server agent can be either a voting or non-voting member of the cluster. Select the statements below that are true in regards to a non-voting member. (select three)A . a non-voting member cannot be automatically promoted to a voting member B. a non-voting...

Consul uses a gossip protocol that is powered by Serf. How is this communication protected between all participating servers and clients?A . shared secret B. TLS C. username and password D. mutual TLSView AnswerAnswer: A Explanation: Consul's gossip protocol is protected by a symmetric key, or a shared secret, that...

In order to provide high availability and ensure that Consul's state is preserved even if a server fails, HashiCorp suggests that Consul should be configured to run __________.A . on a public cloud platform that can provide hardware redundancy B. only Kubernetes to provide scheduling for new Consul nodes C....

After enabling ACLs using the configuration file, ACLs aren't preventing users from querying services. What are some reasons that Consul would continue to allow this to happen? (select three)A . the clients are using the bootstrap token for requests B. the anonymous token permits these actions C. the default_policy parameter...

Certificates are a critical component of Consul Connect. Which of the following certificate authorities (CAs) are supported by Consul? (select three) A. Active Directory-integrated CA B. Vault C. built-in Consul CA D. AWS ACM Private CA E. OpenSSL running on RedHatView AnswerAnswer: B,C,D Explanation: The CA provider abstraction enables Consul...