Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 7 Question 33 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 33
Topic #: 7
[All Vault-Associate Questions]

When unsealing Vault, each Shamir unseal key should be entered:

Show Suggested Answer Hide Answer
Suggested Answer: A

The Vault's auth method component is the component that performs authentication and assigns identity and policies to a client. It verifies a client against an internal or external system, and generates a token with the appropriate policies attached. The token can then be used to access the secrets and resources that are authorized by the policies. Vault supports various auth methods, such as userpass, ldap, aws, kubernetes, etc., that can integrate with different identity providers and systems. The auth method component can also handle token renewal and revocation, as well as identity grouping and aliasing.Reference:Auth Methods | Vault | HashiCorp Developer,Authentication - Concepts | Vault | HashiCorp Developer


by Aaron at Dec 05, 2024, 04:21 PM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Merissa
6 days ago
Option D seems the most straightforward, but I'm not sure it's the most secure. Better to follow the best practices, even if it's a bit more work.
upvoted 0 times
...
Erick
13 days ago
Hmm, I think option B is the way to go. It's important to have different admins involved to ensure proper separation of duties.
upvoted 0 times
...
Odelia
16 days ago
I think the keys should be encrypted with each administrators PGP key for added security.
upvoted 0 times
...
Tijuana
18 days ago
I disagree, I believe they should be entered by different administrators from different computers.
upvoted 0 times
...
Daisy
21 days ago
I think the Shamir unseal keys should be entered sequentially from one system.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77