Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 3 Question 21 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 21
Topic #: 3
[All Vault-Associate Questions]

Examine the command below. Output has been trimmed.

Which of the following statements describe the command and its output?

Show Suggested Answer Hide Answer
Suggested Answer: B

The Vault secret engine that can be used to build your own internal certificate authority is the PKI secret engine. The PKI secret engine generates dynamic X.509 certificates on-demand, without requiring manual processes of generating private keys and CSRs, submitting to a CA, and waiting for verification and signing. The PKI secret engine can act as a root CA or an intermediate CA, and can issue certificates for various purposes, such as TLS, code signing, email encryption, etc. The PKI secret engine can also manage the certificate lifecycle, such as rotation, revocation, renewal, and CRL generation. The PKI secret engine can also integrate with external CAs, such as Venafi or Entrust, to delegate the certificate issuance and management.Reference:PKI - Secrets Engines | Vault | HashiCorp Developer,Build Your Own Certificate Authority (CA) | Vault - HashiCorp Learn


by Murray at Jul 11, 2024, 06:39 PM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Paz
5 days ago
The command appears to be setting up an AppRole auth method with a specified role ID and secret ID. The output shows that a token was generated, but I'm not sure about the TTL or renewal policies.
upvoted 0 times
...
Della
7 days ago
I agree, the command configures the AppRole auth method with user specified role ID and secret ID.
upvoted 0 times
...
Catarina
10 days ago
I believe the generated token's TTL is 60 hours.
upvoted 0 times
...
Della
13 days ago
I think the command is missing a default token policy.
upvoted 0 times
...

Save Cancel