In order to extend Vault beyond a data center or cloud regional boundary, what feature should be used?
Answer(s): C
To extend Vault beyond a data center or cloud regional boundary, replication can be used. Vault supports both DR replication and Performance replication to copy data from the primary cluster to a secondary cluster safely.
When creating a dynamic secret in Vault, Vault returns what value that can be used to renew or revoke the lease?
Answer(s): A
When reading a dynamic secret, such as via vault read, Vault always returns a lease_id. This is the ID used with commands such as vault lease renew and vault lease revoke to manage the lease of the secret.vault lease lookupUsage: vault lease <subcommand> [options] [args]This command groups subcommands for interacting with leases. Users can revoke or renew leases.Renew a lease:$ vault lease renew database/creds/readonly/2f6a614c...Revoke a lease:$ vault lease revoke database/creds/readonly/2f6a614c...Subcommands:renew Renews the lease of a secretrevoke Revokes leases and secrets
https://www.vaultproject.io/docs/concepts/lease
Which is not a capability that can be used when writing a Vault policy?
Answer(s): E
When writing a Vault policy, permissions which can be applied to paths include create, read, update, delete, list, deny, and sudo.
https://www.vaultproject.io/docs/concepts/policiesModify is not one of them.
Which is not a benefit of running HashiCorp Vault in your environment?
Vault does not integrate with any VCS (Version Control System) to checkout or read code. However, It can use GitHub as an auth method.
Post your Comments and Discuss HashiCorp VA-002-P exam with other Community members:
Bruno commented on October 10, 2023 PDF is Vault, EXM is Teraform. UNITED STATES upvote