Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 7 Question 6 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 6
Topic #: 7
[All Vault-Associate Questions]

Vault supports which type of configuration for source limited token?

Show Suggested Answer Hide Answer
Suggested Answer: C

Vault supports CIDR-bound tokens, which are tokens that can only be used from a specific set of IP addresses or network ranges. This is a way to limit the scope and exposure of a token in case it is compromised or leaked. CIDR-bound tokens can be created by specifying the bound_cidr_list parameter when creating or updating a token role, or by using the -bound-cidr option when creating a token using the vault token create command. CIDR-bound tokens can also be created by some auth methods, such as AWS or Kubernetes, that can automatically bind the tokens to the source IP or network of the client.Reference:Token - Auth Methods | Vault | HashiCorp Developer,vault token create - Command | Vault | HashiCorp Developer


by Quentin at Nov 25, 2023, 02:47 AM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Linn
1 years ago
Haha, you guys are really overthinking this. It's obviously cloud-bound tokens. I mean, what else would Vault use to restrict access to the cloud, right? *wink wink*
upvoted 0 times
...
Gertude
1 years ago
I'm not entirely convinced. Didn't we learn about certificate-bound tokens in the training? Those seem like they could also be a valid option for source-limited tokens.
upvoted 0 times
Starr
1 years ago
That's true. The correct answer is probably one of the options provided such as Cloud-bound tokens or Domain-bound tokens.
upvoted 0 times
...
Rex
1 years ago
But the question specifically asked for the type of configuration mentioned in the answer options.
upvoted 0 times
...
Sabina
1 years ago
Yeah, certificate-bound tokens could also be a valid option for source-limited tokens.
upvoted 0 times
...
Carin
1 years ago
D) Certificate-bound tokens
upvoted 0 times
...
Odette
1 years ago
C) CIDR-bound tokens
upvoted 0 times
...
Myra
1 years ago
B) Domain-bound tokens
upvoted 0 times
...
Carmen
1 years ago
A) Cloud-bound tokens
upvoted 0 times
...
...
Marge
1 years ago
Yeah, I was thinking the same thing. CIDR-bound tokens seem to be the most logical choice since they allow you to restrict access based on IP ranges. Though I'm not sure if the other options are completely out of the question.
upvoted 0 times
...
Rosalind
1 years ago
Hmm, this question seems a bit tricky. I'm not too familiar with Vault's token configuration options, but I think the CIDR-bound tokens might be the right answer here.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77