HashiCorp Vault Associate Certification Exam Sample Questions

We have prepared HashiCorp Certified Vault Associate certification sample questions to make you aware of actual exam properties. This sample question set provides you with information about the HashiCorp Security Automation exam pattern, question formate, a difficulty level of questions and time required to answer each question. To get familiar with HashiCorp Certified - Vault Associate exam, we suggest you try our Sample HashiCorp Security Automation Certification Practice Exam in simulated HashiCorp certification exam environment.

To test your knowledge and understanding of concepts with real-time scenario based questions, we strongly recommend you to prepare and practice with Premium HashiCorp Vault Associate Certification Practice Exam. The premium certification practice exam helps you identify topics in which you are well prepared and topics in which you may need further training to achieving great score in actual HashiCorp Certified - Vault Associate exam.

HashiCorp Vault Associate Sample Questions:

01. An organization needs to protect sensitive application data currently stored in a database as plaintext. Which secrets engine provides a solution?

a) Key/Value v2 secrets engine

b) Cubbyhole secrets engine

c) Transit secrets engine

d) Database secrets engine

 

02. What is true of Vault tokens?

Choose TWO correct answers.

a) Vault tokens are generated by every authentication method login

b) Vault tokens are also known as unseal keys

c) Vault tokens are required for every Vault call

d) Vault token IDs always begin with "s." such as s.E7rOurS2n7m2Dt5409jWxR87

e) Vault tokens are the core method for authentication in Vault

 

03. Using the Vault CLI, what command is used to authenticate to Vault?

a) vault auth

b) vault login

c) vault user

d) vault creds

 

04. Which of the following statements explains the benefit of response wrapping?
Choose TWO correct answers.

a) Limits the time of secret exposure by having a short-lived wrapping token

b) Allow versioning of the secrets

c) It protects Vault's master key

d) Only the reference to the secrets is transmitted over the public network

e) Limits the size of secrets to be transmitted over the network

 

05. Vault operators can create two types of groups in Vault. What are the two types?

a) user groups

b) external groups

c) policy groups

d) internal groups

e) security groups

 

06. Where on the page would you click to display the list of available Vault-created encryption keys.

a) Cubbyhole/

Cubbyhole_963bc710

b) secret/

v2 kv_4469f5f8

c) transit/

transit_9fd540af

 

07. Which path will this policy allow?

path "kv/+/team_*" {

    capabilities = [ "read" ]

}

a) kv/team_edu

b) kv/us-west/team

c) kv/us-west/team_edu

d) kv/us-west/ca/team_edu

 

08. Which statements correctly describe the command below.
Choose TWO correct answers.

vault write transit/decrypt/password \

 ciphertext=vault:v1:8SDd3WHDOjf7mq69CyCqYjBXAiQQAVZRkFM13ok481zoCmHnSeDX9vyf7w==

a) Returns an error due to missing encryption key name

b) Returns base64-encoded plaintext

c) Decrypts the ciphertext if the token permits

d) Returns the ciphertext

e) Requires sudo capability on the transit/decrypt/password path

 

09. Which statement is true about an orphan token?

a) It does not expire when its parent does

b) It is not persisted

c) It does not have a max time-to-live (TTL)

d) It has a use limit

 

10. You need to edit a policy, but the UI appears as shown. What is the problem?

a) This is an UI error. Contact support.

b) You don't have a permission to manage policies.

c) Vault UI does not support policy creation and management.

d) Use the command shell in UI to manage policies.

Answers:

Note: Please update us by writing an email on feedback@vmexam.com for any error in HashiCorp Certified - Vault Associate certification exam sample questions