Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 7 Question 34 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 34
Topic #: 7
[All Vault-Associate Questions]

The key/value v2 secrets engine is enabled at secret/ See the following policy:

Which of the following operations are permitted by this policy? Choose two correct answers.

Show Suggested Answer Hide Answer
Suggested Answer: A

An authentication method should be selected for a use case based on the auth method that best establishes the identity of the client. The identity of the client is the basis for assigning a set of policies and permissions to the client in Vault. Different auth methods have different ways of verifying the identity of the client, such as using passwords, tokens, certificates, cloud credentials, etc. Depending on the use case, some auth methods may be more suitable or convenient than others. For example, for human users, the userpass or ldap auth methods may be easy to use, while for machines or applications, the approle or aws auth methods may be more secure and scalable. The choice of the auth method should also consider the trade-offs between security, performance, and usability.Reference:Auth Methods | Vault | HashiCorp Developer,Authentication - Concepts | Vault | HashiCorp Developer


by Justine at Jan 13, 2025, 05:00 AM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Peggy
28 days ago
Hey, I heard the Vault team is hiring a new Peggy to write their test questions. Looks like they nailed it with this one! Bet they're sitting back, sipping their lattes, and waiting for the chaos to unfold. I wonder if they'll accept 'D and E' as the right answers... just to see who's brave enough to try it.
upvoted 0 times
...
Louvenia
30 days ago
Well, well, well, look at that fancy policy. Let me guess, A and C are the winners here. No putting or deleting, but you can get and check the metadata. Though I'm pretty sure the devs who wrote this policy were just messing with us. They're probably laughing their butts off right now, watching us struggle with this one.
upvoted 0 times
Hailey
11 days ago
C) vault kv metadata get secret/webapp1
upvoted 0 times
...
Deonna
16 days ago
A) vault kv get secret/webapp1
upvoted 0 times
...
...
Selma
1 months ago
Ha! D and E, huh? Not a chance, buddy. The policy clearly states you can't delete or list that 'super-secret' folder. Looks like A and C are the way to go. Though I'm tempted to try B just to see what happens... Might as well go out with a bang, right?
upvoted 0 times
Hollis
14 days ago
A) vault kv get secret/webapp1
upvoted 0 times
...
...
Eliz
2 months ago
Whoa, hold up! B and D? No way, that policy ain't gonna let you do that. Gotta stick to A and C, my friend. Though I'm kind of curious what's in that 'super-secret' folder... Bet it's juicy!
upvoted 0 times
Huey
4 days ago
Whoa, hold up! B and D? No way, that policy ain't gonna let you do that. Gotta stick to A and C, my friend. Though I'm kind of curious what's in that 'super-secret' folder... Bet it's juicy!
upvoted 0 times
...
Malcom
11 days ago
B) vault kv put secret/webapp1 apikey-\'ABCDEFGHI] K123M\'
upvoted 0 times
...
Marya
12 days ago
A) vault kv get secret/webapp1
upvoted 0 times
...
...
Melvin
2 months ago
Alright, let's see here. Based on the policy, I'm guessing A and C are the correct answers. Get and metadata operations seem to be allowed, but no putting or deleting. Though I wonder if that means I can't update anything either... Hmm, tricky one.
upvoted 0 times
Aleta
15 days ago
Exactly, it's important to understand the limitations of the policy.
upvoted 0 times
...
Aracelis
28 days ago
So we can view and get metadata for secrets, but can't make any changes.
upvoted 0 times
...
Brigette
1 months ago
Yeah, I agree. Get and metadata operations are permitted, but not put or delete.
upvoted 0 times
...
Clay
1 months ago
I think you're right, A and C are the correct answers. No putting or deleting allowed.
upvoted 0 times
...
...
Billi
2 months ago
I'm not sure, I think C and E might also be permitted.
upvoted 0 times
...
Ryann
2 months ago
I agree with Whitley, A and B make sense based on the policy.
upvoted 0 times
...
Whitley
3 months ago
I think A and B are permitted.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77