Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 7 Question 34 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 34
Topic #: 7
[All Vault-Associate Questions]

The key/value v2 secrets engine is enabled at secret/ See the following policy:

Which of the following operations are permitted by this policy? Choose two correct answers.

Show Suggested Answer Hide Answer
Suggested Answer: A

An authentication method should be selected for a use case based on the auth method that best establishes the identity of the client. The identity of the client is the basis for assigning a set of policies and permissions to the client in Vault. Different auth methods have different ways of verifying the identity of the client, such as using passwords, tokens, certificates, cloud credentials, etc. Depending on the use case, some auth methods may be more suitable or convenient than others. For example, for human users, the userpass or ldap auth methods may be easy to use, while for machines or applications, the approle or aws auth methods may be more secure and scalable. The choice of the auth method should also consider the trade-offs between security, performance, and usability.Reference:Auth Methods | Vault | HashiCorp Developer,Authentication - Concepts | Vault | HashiCorp Developer


by Justine at Jan 13, 2025, 05:00 AM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Peggy
13 days ago
Hey, I heard the Vault team is hiring a new Peggy to write their test questions. Looks like they nailed it with this one! Bet they're sitting back, sipping their lattes, and waiting for the chaos to unfold. I wonder if they'll accept 'D and E' as the right answers... just to see who's brave enough to try it.
upvoted 0 times
...
Louvenia
15 days ago
Well, well, well, look at that fancy policy. Let me guess, A and C are the winners here. No putting or deleting, but you can get and check the metadata. Though I'm pretty sure the devs who wrote this policy were just messing with us. They're probably laughing their butts off right now, watching us struggle with this one.
upvoted 0 times
Deonna
24 hours ago
A) vault kv get secret/webapp1
upvoted 0 times
...
...
Selma
30 days ago
Ha! D and E, huh? Not a chance, buddy. The policy clearly states you can't delete or list that 'super-secret' folder. Looks like A and C are the way to go. Though I'm tempted to try B just to see what happens... Might as well go out with a bang, right?
upvoted 0 times
...
Eliz
1 months ago
Whoa, hold up! B and D? No way, that policy ain't gonna let you do that. Gotta stick to A and C, my friend. Though I'm kind of curious what's in that 'super-secret' folder... Bet it's juicy!
upvoted 0 times
...
Melvin
2 months ago
Alright, let's see here. Based on the policy, I'm guessing A and C are the correct answers. Get and metadata operations seem to be allowed, but no putting or deleting. Though I wonder if that means I can't update anything either... Hmm, tricky one.
upvoted 0 times
Aracelis
13 days ago
So we can view and get metadata for secrets, but can't make any changes.
upvoted 0 times
...
Brigette
15 days ago
Yeah, I agree. Get and metadata operations are permitted, but not put or delete.
upvoted 0 times
...
Clay
25 days ago
I think you're right, A and C are the correct answers. No putting or deleting allowed.
upvoted 0 times
...
...
Billi
2 months ago
I'm not sure, I think C and E might also be permitted.
upvoted 0 times
...
Ryann
2 months ago
I agree with Whitley, A and B make sense based on the policy.
upvoted 0 times
...
Whitley
2 months ago
I think A and B are permitted.
upvoted 0 times
...

Save Cancel