- All Exams Instant Download
What command creates a secret with the key "my-password" and the value "53cr3t" at path "my-secrets" within the KV secrets engine mounted at "secret"?
What command creates a secret with the key "my-password" and the value "53cr3t" at path "my-secrets" within the KV secrets engine mounted at "secret"?A . vault kv put secret/my-secrets/my-password 53cr3tB . vault kv write secret/my-secrets/my-password 53cr3tC . vault kv write 53cr3t my-secrets/my-passwordD . vault kv put secret/my-secrets »y-password-53cr3tView AnswerAnswer: A...
How do you create a new user named "sally" with password "h0wN0wB4r0wnC0w"?
You are using the Vault userpass auth method mounted at auth/userpass. How do you create a new user named "sally" with password "h0wN0wB4r0wnC0w"? This new user will need the power-users policy. A) B) C) D) A . Option AB . Option BC . Option CD . Option DView AnswerAnswer: D...
Which secrets engine would you recommend?
Your DevOps team would like to provision VMs in GCP via a CICD pipeline. They would like to integrate Vault to protect the credentials used by the tool. Which secrets engine would you recommend?A . Google Cloud Secrets EngineB . Identity secrets engineC . Key/Value secrets engine version 2D ....
What is the Vault CLI command to query information about the token the client is currently using?
What is the Vault CLI command to query information about the token the client is currently using?A . vault lookup tokenB . vault token lookupC . vault lookup selfD . vault self-lookupView AnswerAnswer: B Explanation: The Vault CLI command to query information about the token the client is currently using...
How would you describe the value of using the Vault transit secrets engine?
How would you describe the value of using the Vault transit secrets engine?A . Vault has an API that can be programmatically consumed by applicationsB . The transit secrets engine ensures encryption in-transit and at-rest is enforced enterprise wideC . Encryption for application data is best handled by a storage...
Which command does not meet this requirement?
Security requirements demand that no secrets appear in the shell history. Which command does not meet this requirement? A. generate-password | vault kv put secret/password value B. vault kv put secret/password value-itsasecret C. vault kv put secret/password [email protected] D. vault kv put secret/password value-SSECRET_VALUEView AnswerAnswer: B Explanation: The command that...
Where do you define the Namespace to log into using the Vault Ul?
HOTSPOT Where do you define the Namespace to log into using the Vault Ul? To answer this question Use your mouse to click on the screenshot in the location described above. An arrow indicator will mark where you have clicked. Click the "Answer" button once you have positioned the arrow...
You can build a high availability Vault cluster with any storage backend.
You can build a high availability Vault cluster with any storage backend.A . TrueB . FalseView AnswerAnswer: B Explanation: Not all storage backends support high availability mode for Vault. Only the storage backends that support locking can enable Vault to run in a multi-server mode where one server is active...
What can be used to limit the scope of a credential breach?
What can be used to limit the scope of a credential breach?A . Storage of secrets in a distributed ledgerB . Enable audit loggingC . Use of a short-lived dynamic secretsD . Sharing credentials between applicationsView AnswerAnswer: C Explanation: Using a short-lived dynamic secrets can help limit the scope of...
Which of the following is a machine-oriented Vault authentication backend?
Which of the following is a machine-oriented Vault authentication backend?A . OktaB . AppRoleC . TransitD . GitHubView AnswerAnswer: B Explanation: AppRole is a machine-oriented authentication method that allows machines or applications to authenticate with Vault using a role ID and a secret ID. The role ID is a unique...
