Q81. Where does the Vault Agent store its cache?
A. In a file encrypted using the Vault transit secret engine
B. In the Vault key/value store
C. In an unencrypted file
D. In memory
Answer
D
Q82. Your organization has an initiative to reduce and ultimately remove the use of long lived X.509 certificates. Which secrets engine will best support this use case?
A. PKI
B. Key/Value secrets engine version 2, with TTL defined
C. Cloud KMS
D. Transit
Answer
A
Q83. When unsealing Vault each Shamir unseal key should be entered:
A. Sequentially from one system that all of the administrators are in front of
B. By different administrators each connecting from different computers
C. While encrypted with each administrators PGP key
D. At the command line in one single command
Answer
B
Q84. As a best practice, the root token should be stored in which of the following ways?
A. Should be revoked and never stored after initial setup
B. Should be stored in configuration automation tooling
C. Should be stored in another password safe
D. Should be stored in Vault
Answer
A