Which of the following settings are configured using the configuration file? (select three)
Answer(s): A,C,F
Seal types, Storage backends, and cluster names are just a few of the configurations done via the configuration file. The others are configured within Vault itself.
Vault's User Interface (UI) needs to be enabled in the command line before it can be used.
Answer(s): A
The UI is enabled in the Vault configuration file, not in the CLI.
Which of the following unseal options can automatically unseal Vault upon the start of the Vault service? (select four)
Answer(s): A,B,C,E
When a Vault server is started, it starts in a sealed state and it does not know how to decrypt data. Before any operation can be performed on the Vault, it must be unsealed. Unsealing is the process of constructing the master key necessary to decrypt the data encryption key. Below are links covering details of each option:- https://www.vaultproject.io/docs/concepts/seal AWS KMShttps://learn.hashicorp.com/vault/operations/ops-autounseal-aws-kms Auto-unseal using Transit Secrets Enginehttps://learn.hashicorp.com/vault/operations/autounseal-transit Auto-unseal using Azure Key Vaulthttps://learn.hashicorp.com/vault/day-one/autounseal-azure-keyvault Auto-unseal using HSMhttps://learn.hashicorp.com/vault/operations/ops-seal-wrap Key shards don't support auto unseal instead key shards require the user to provide unseal keys to reconstruct the master keyhttps://www.vaultproject.io/docs/concepts/seal
Which TCP port does Vault use, by default, for its API and UI?
Answer(s): F
By default, Vault uses port 8200 for its API and UI.8201 is used for the cluster to cluster communication, 8300 is used for Consul Server RPC,8500 is used for the Consul interface,8600 is used for Consul DNS,and 8301 is used for its LAN gossip protocol.
Post your Comments and Discuss HashiCorp VA-002-P exam with other Community members:
Bruno commented on October 10, 2023 PDF is Vault, EXM is Teraform. UNITED STATES upvote