Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 7 Question 6 Discussion

Actual exam question for HashiCorp's HashiCorp Certified: Vault Associate (002) exam
Question #: 6
Topic #: 7
[All HashiCorp Certified: Vault Associate (002) Questions]

Vault supports which type of configuration for source limited token?

Show Suggested Answer Hide Answer
Suggested Answer: C

Vault supports CIDR-bound tokens, which are tokens that can only be used from a specific set of IP addresses or network ranges. This is a way to limit the scope and exposure of a token in case it is compromised or leaked. CIDR-bound tokens can be created by specifying the bound_cidr_list parameter when creating or updating a token role, or by using the -bound-cidr option when creating a token using the vault token create command. CIDR-bound tokens can also be created by some auth methods, such as AWS or Kubernetes, that can automatically bind the tokens to the source IP or network of the client.Reference:Token - Auth Methods | Vault | HashiCorp Developer,vault token create - Command | Vault | HashiCorp Developer


by Quentin at Nov 25, 2023, 02:47 AM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Linn
24 days ago
Haha, you guys are really overthinking this. It's obviously cloud-bound tokens. I mean, what else would Vault use to restrict access to the cloud, right? *wink wink*
upvoted 0 times
...
Gertude
25 days ago
I'm not entirely convinced. Didn't we learn about certificate-bound tokens in the training? Those seem like they could also be a valid option for source-limited tokens.
upvoted 0 times
Starr
6 days ago
That's true. The correct answer is probably one of the options provided such as Cloud-bound tokens or Domain-bound tokens.
upvoted 0 times
...
Rex
7 days ago
But the question specifically asked for the type of configuration mentioned in the answer options.
upvoted 0 times
...
Sabina
8 days ago
Yeah, certificate-bound tokens could also be a valid option for source-limited tokens.
upvoted 0 times
...
Carin
9 days ago
D) Certificate-bound tokens
upvoted 0 times
...
Odette
10 days ago
C) CIDR-bound tokens
upvoted 0 times
...
Myra
11 days ago
B) Domain-bound tokens
upvoted 0 times
...
Carmen
12 days ago
A) Cloud-bound tokens
upvoted 0 times
...
...
Marge
26 days ago
Yeah, I was thinking the same thing. CIDR-bound tokens seem to be the most logical choice since they allow you to restrict access based on IP ranges. Though I'm not sure if the other options are completely out of the question.
upvoted 0 times
...
Rosalind
27 days ago
Hmm, this question seems a bit tricky. I'm not too familiar with Vault's token configuration options, but I think the CIDR-bound tokens might be the right answer here.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77