Free Terraform Associate Exam Braindumps (page: 65)

Page 65 of 113

Your team lead does not trust the junior terraform engineers who now have access to the git repo . So , he wants you to have some sort of a checking layer , whereby , you can ensure that the juniors will not create any non-compliant resources that might lead to a security audit failure in future. What can you do to efficiently enforce this?

  1. Create a design /security document (in PDF) and share to the team , and ask them to always follow that document , and never deviate from it.
  2. Since your team is using Hashicorp Terraform Enterprise Edition , enable Sentinel , and write Policy-As-Code rules that will check for non-compliant resource provisioning , and prevent/report them.
  3. Use Terraform OSS Sentinel Lite version , which will save cost , since there is no charge for OSS , but it can still check for most non-compliant rules using Policy-As-Code.
  4. Create a git master branch , and implement PR . Every change needs to be reviewed by you , before being merged to the master branch.

Answer(s): B

Explanation:

Sentinel is an embedded policy-as-code framework integrated with the HashiCorp Enterprise products. It enables fine-grained, logic-based policy decisions, and can be extended to use information from external sources.


Reference:

https://www.terraform.io/docs/cloud/sentinel/index.html



Which of the following connection types are supported by the remote-exec provisioner? (select two)

  1. WinRM
  2. UDP
  3. SMB
  4. RDP
  5. ssh

Answer(s): A,E

Explanation:

The remote-exec provisioner invokes a script on a remote resource after it is created. The remote- exec provisioner supports both ssh and winrm type connections.
remote-exec connection types -
* ssh on Linux
* winrm on Windows


Reference:

https://www.terraform.io/docs/provisioners/remote-exec.html



Select all features which are exclusive to Terraform Enterprise. (Select Three)

  1. Sentinel
  2. Cost Estimation
  3. Audit Logs
  4. Clustering
  5. SAML/SSO

Answer(s): C,D,E

Explanation:

Sentinel and Cost Estimation are also available in Terraform Cloud


Reference:

https://www.hashicorp.com/products/terraform/pricing/



Valarie has created a database instance in AWS and for ease of use is outputting the value of the database password with the following code. Valarie wants to hide the output value in the CLI after terraform apply that's why she has used sensitive parameter.
1. output "db_password" {
2. value = local.db_password
3. sensitive = true 4. }
Since sensitive is set to true, will the value associated with db password be available in plain-text in the state file for everyone to read?

  1. Yes
  2. No

Answer(s): A

Explanation:

Outputs can be marked as containing sensitive material by setting the sensitive attribute to true, like this:
output "sensitive" { sensitive = true value = VALUE
}
When outputs are displayed on-screen following a terraform apply or terraform refresh, sensitive outputs are redacted, with <sensitive> displayed in place of their value.
Limitations of Sensitive Outputs
The values of sensitive outputs are still stored in the Terraform state, and available using the terraform output command, so cannot be relied on as a sole means of protecting values.
Sensitivity is not tracked internally, so if the output is interpolated in another module into a resource, the value will be displayed.



Page 65 of 113



Post your Comments and Discuss HashiCorp Terraform Associate exam with other Community members:

Bin Mahamood commented on November 03, 2024
terraform { required_providers { aws = { version = ">= 2.7.0" source = "hashicorp/aws" } } }
Anonymous
upvote

Nayaran commented on October 21, 2024
First and for most... this exam is extremely hard. Second this exam dump contains majority of the questions. I passed the certification exam.
UNITED STATES
upvote

Marc commented on October 21, 2024
hello would need help
UNITED STATES
upvote

Marcellus Werifah commented on October 20, 2024
Verified answers
UNITED STATES
upvote

Nathan commented on October 20, 2024
Using dumps are my last resort. And that is what I ended up using with this exam to pass. The exam is extremely difficult.
France
upvote

Marcellus Werifah commented on October 20, 2024
Who decides what is the correct in case of conflicts
UNITED STATES
upvote

Marcellus Werifah commented on October 20, 2024
Novice. Would need detailed explanation of any questions
UNITED STATES
upvote

Siva commented on June 17, 2024
It's a good platform to start preparing for the HCTA 003 exam
Anonymous
upvote

Dhiraj Bhattad commented on June 14, 2024
It's a good platform to start preparing for the HCTA 003 exam.
Anonymous
upvote

Amizhchandra commented on May 12, 2024
Good material
CHINA
upvote

Direen commented on February 16, 2024
This was a easy passsss! Scored 95%. Unbelievable! I was hesitant at first but then I saw the pass guarantee policy so I said what the hell. If I fa I will get my money back. I am glad I bought it. Saved me so much time.
United States
upvote

Satya commented on February 09, 2024
Q83:--Terraform can only manage resource dependencies if you set them explicitly with the depends_on argument. Answer is "False"
UNITED STATES
upvote

Satya commented on February 09, 2024
Q76:---Which of these options is the most secure place to store secrets foe connecting to a Terraform remote backend? Shouldn't the answer be "Defined in a connection configuration outside of Terraform"
UNITED STATES
upvote

Satya commented on February 09, 2024
Q39:---Which argument(s) is (are) required when declaring a Terraform variable? Answer should be "None of the above" as Nothing is required while declaring variable
UNITED STATES
upvote

DN commented on September 04, 2023
question 14 - run terraform import: this is the recommended best practice for bringing manually created or destroyed resources under terraform management. you use terraform import to associate an existing resource with a terraform resource configuration. this ensures that terraform is aware of the resource, and you can subsequently manage it with terraform.
Anonymous
upvote

YK commented on December 11, 2023
good one nice
JAPAN
upvote

Mn8300 commented on November 09, 2023
nice questions
Anonymous
upvote

Naka commented on January 19, 2024
Very good, many questions same as the real exam
BRAZIL
upvote

vasu commented on December 22, 2023
good for practice
INDIA
upvote

MDN commented on December 11, 2023
Good sample questions
UNITED STATES
upvote

YK commented on December 11, 2023
Good one nice
JAPAN
upvote

YK 11 commented on December 09, 2023
Good one nice
JAPAN
upvote

Mn8300 commented on November 13, 2023
Very useful
Anonymous
upvote

Mn8300 commented on November 09, 2023
Nice questions
Anonymous
upvote

mpakal commented on October 19, 2023
Good and realistic questions.
UNITED STATES
upvote

pakalamb1995@gmail.com commented on October 19, 2023
so far nice
UNITED STATES
upvote

CP commented on October 09, 2023
Let Hope for the Best
EUROPEAN UNION
upvote

DN commented on September 04, 2023
Question 14 - Run terraform import: This is the recommended best practice for bringing manually created or destroyed resources under Terraform management. You use terraform import to associate an existing resource with a Terraform resource configuration. This ensures that Terraform is aware of the resource, and you can subsequently manage it with Terraform.
Anonymous
upvote

sipho commented on August 30, 2023
i will study ans see how it goes
Anonymous
upvote

Jersey boy commented on June 25, 2023
I just paid and download my files. I will report in a week after writing my exam to see how this goes.
UNITED STATES
upvote

Yung K. commented on October 11, 2021
Thank you for this exams dumps package. From the 2 exams I purchased as part of the 50% sale I alredy passed first exam.
TAIWAN
upvote