Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 7 Question 6 Discussion

Actual exam question for HashiCorp's HashiCorp Certified: Vault Associate (002) exam
Question #: 6
Topic #: 7
[All HashiCorp Certified: Vault Associate (002) Questions]

Vault supports which type of configuration for source limited token?

Show Suggested Answer Hide Answer
Suggested Answer: C

Vault supports CIDR-bound tokens, which are tokens that can only be used from a specific set of IP addresses or network ranges. This is a way to limit the scope and exposure of a token in case it is compromised or leaked. CIDR-bound tokens can be created by specifying the bound_cidr_list parameter when creating or updating a token role, or by using the -bound-cidr option when creating a token using the vault token create command. CIDR-bound tokens can also be created by some auth methods, such as AWS or Kubernetes, that can automatically bind the tokens to the source IP or network of the client.Reference:Token - Auth Methods | Vault | HashiCorp Developer,vault token create - Command | Vault | HashiCorp Developer


by Quentin at Nov 25, 2023, 02:47 AM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Linn
4 days ago
Haha, you guys are really overthinking this. It's obviously cloud-bound tokens. I mean, what else would Vault use to restrict access to the cloud, right? *wink wink*
upvoted 0 times
...
Gertude
5 days ago
I'm not entirely convinced. Didn't we learn about certificate-bound tokens in the training? Those seem like they could also be a valid option for source-limited tokens.
upvoted 0 times
...
Marge
6 days ago
Yeah, I was thinking the same thing. CIDR-bound tokens seem to be the most logical choice since they allow you to restrict access based on IP ranges. Though I'm not sure if the other options are completely out of the question.
upvoted 0 times
...
Rosalind
7 days ago
Hmm, this question seems a bit tricky. I'm not too familiar with Vault's token configuration options, but I think the CIDR-bound tokens might be the right answer here.
upvoted 0 times
...

Save Cancel