HashiCorp VA-003-P Exam Dumps (V8.02) – The Best Exam Materials for HashiCorp Certified: Vault Associate (003) Certification Preparation

1. You are using the Vault userpass auth method mounted at auth/userpass.

How do you create a new user named "sally" with password "h0wN0wB4r0wnC0w"? This new user will need the power-users policy.

A)

B)

C)

D)

2. The vault lease renew command increments the lease time from:

3. HOTSPOT

Where do you define the Namespace to log into using the Vault Ul?

To answer this question

Use your mouse to click on the screenshot in the location described above. An arrow indicator will mark where you have clicked. Click the "Answer" button once you have positioned the arrow to answer the question. You may need to scroll down to see the entire screenshot.

4. You have a 2GB Base64 binary large object (blob) that needs to be encrypted.

Which of the following best describes the transit secrets engine?

5. How would you describe the value of using the Vault transit secrets engine?

6. What is the Vault CLI command to query information about the token the client is currently using?

7. Which of the following is a machine-oriented Vault authentication backend?

8. Security requirements demand that no secrets appear in the shell history.

Which command does not meet this requirement?

A. generate-password | vault kv put secret/password value

B. vault kv put secret/password value-itsasecret

C. vault kv put secret/password [email protected]

D. vault kv put secret/password value-SSECRET_VALUE

9. You can build a high availability Vault cluster with any storage backend.

10. What command creates a secret with the key "my-password" and the value "53cr3t" at path "my-secrets" within the KV secrets engine mounted at "secret"?

11. What can be used to limit the scope of a credential breach?

12. What environment variable overrides the CLI's default Vault server address?

13. Which of the following statements describe the CLI command below?

S vault login -method-1dap username-mitche11h

14. The following three policies exist in Vault.

What do these policies allow an organization to do?

15. Your DevOps team would like to provision VMs in GCP via a CICD pipeline. They would like to integrate Vault to protect the credentials used by the tool.

Which secrets engine would you recommend?

16. Which of these is not a benefit of dynamic secrets?

17. Which of the following cannot define the maximum time-to-live (TTL) for a token?

18. What are orphan tokens?

19. To give a role the ability to display or output all of the end points under the /secrets/apps/* end point it would need to have which capability set?

20. You have been tasked with writing a policy that will allow read permissions for all secrets at path secret/bar. The users that are assigned this policy should also be able to list the secrets.

What should this policy look like?

A)

B)

C)

D)