CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. HashiCorp
  5. VA-002-P

Free VA-002-P Exam Braindumps (page: 15)

Page 15 of 51
PDF with 200 Questions

You are deploying Vault in a local data center, but want to be sure you have a secondary cluster in the event the primary cluster goes offline. In the secondary data center, you have applications that are running, as they are architected to run active/active. Which type of replication would be best in this scenario?

  1. disaster recovery replication
  2. single-node replication
  3. performance replication
  4. end-to-end replication

Answer(s): C

Explanation:

In this scenario, the key to answering is that there are applications actively running the secondary data center. Because of this, you can deploy Performance Replication and the applications can now use the Vault cluster in their respective data center. This reduces network latency for your applications and provides you with a secondary cluster for redundancy.



Which of the following policies would permit a user to generate dynamic credentials on a database?

  1. path "database/creds/read_only_role" {
    capabilities = ["read"]
    }
  2. path "database/creds/read_only_role" {
    capabilities = ["generate"]
    }
  3. path "database/creds/read_only_role" {
    capabilities = ["list"]
    }
  4. path "database/creds/read_only_role" {
    capabilities = ["sudo"]
    }

Answer(s): A

Explanation:

The HTTP request is a GET which corresponds to a read capability. Thus, to grant access to generate database credentials, the policy would grant read access on the appropriate path.



When registering a plugin with Vault, where would you configure the location where the binaries are located in order for Vault to properly register the plugin?

  1. in the Vault configuration file using plugin_directory=<path>
  2. in the UI underneath the plugin tab
  3. in the plugin configuration file using directory=<path>
  4. within the CLI command when registering a plug

Answer(s): A

Explanation:

The plugin directory is a configuration option of Vault, and can be specified in the configuration file. This setting specifies a directory in which all plugin binaries must live; this value cannot be a symbolic link. A plugin can not be added to Vault unless it exists in the plugin directory. There is no default for this configuration option, and if it is not set plugins can not be added to Vault.


Reference:

https://www.vaultproject.io/docs/internals/plugins



What is the Consul Agent?

  1. a process that registers services with Consul
  2. an agent that runs in the background to provide additional features for Consul
  3. the core process of Consul which maintains membership information, manages services, runs checks, responds to queries, and more.
  4. a daemon that Vault uses to register auth methods across all of its clusters to ensure consistency among the data written to disk

Answer(s): C

Explanation:

The Consul agent is the core Consul process that runs the Consul service. Everything Consul does is the result of the Consul agent, which can run in either server or client mode.


Reference:

https://www.consul.io/docs/agent



Page 15 of 51



Post your Comments and Discuss HashiCorp VA-002-P exam with other Community members:

Bruno commented on October 10, 2023
PDF is Vault, EXM is Teraform.
UNITED STATES
upvote