Q21. What methods of authentication does Vault support? (Choose four.)
A. JWT/OIDC
B. AppRole
C. GitHub
D. MMSQL
E. PostgreSQL
F. Nomad
G. LDAP
Answer
A, B, C, G
Q22. Vault Agent allows client-side caching of tokens and leases. If the agent is shut down, those tokens and leases cached will be revoked.
A. True
B. False
Answer
B
Q23. Which kind of token can be renewed indefinitely?
A. Periodic token
B. Orphan token
C. Use-limit token
D. Root token
E. All of the above
Answer
A
Q24. You can use a response-wrapping token more than once for as long as it has not expired.
A. True
B. False
Answer
B
Q25. Which statement describes the results of this command: $ vault secrets enable -version=2 kv (Choose two.)
A. Enables the secrets engine at path kv2/
B. The -version is an invalid flag
C. Enables the secrets engine at path kv/
D. Enables K/V v1 secrets engine
E. Enables K/V v2 secrets engine
Answer
C, E
Q26. Which of these are names of the replication methods available in Vault Enterprise? (Choose two.)
A. Disaster Recovery
B. Cluster sharping
C. Namespaces
D. Seal-Wrap
E. Performance
Answer
A, E
Q27. What attributes are unique to batch tokens? (Choose three.)
A. Cannot be renewed
B. Are not persisted
C. Can be periodic
D. Have a set time-to-live (TTL)
E. Are persisted
Answer
A, B, D
Q28. You have manually created some usernames and passwords for a Microsoft SQL database on Azure, and need to store these credentials in Vault. What secrets engine should you use for this?
A. MSSQL database secrets engine
B. Key/Value secrets engine version 2
C. Azure secrets engine
D. Transit engine
Answer
B
Q29. To create a non-root token with time-to-live (TTL) set to 30 minutes but with no max TTL which flag would you use?
A. -ttl=30n
B. -explicit-max-ttl=0
C. -orphan
D. None of the above
Answer
A
Q30. A user successfully logs into Vault with the following cURL command: curl –request POST –data @payload.json http://127.0.0.1:8200/v1/auth/ldap/login/mitchellh
The response will include what information?
A. client_token and policies
B. access_key and policies
C. access_key and secrets available
D. client_token and secrets available
Answer
A