Question 6 of 93

What is the Vault CLI command to query information about the token the client is currently using?

Answer

Suggested Answer

The suggested answer is B.

The correct Vault CLI command to query information about the token the client is currently using is 'vault token lookup'. This command is specifically designed to return details about the token you are using, including its policies, creation time, and expiration.

Community Votes1 vote
BSuggested
100%
Question 7 of 93

Which of the following is a machine-oriented Vault authentication backend?

Answer

Suggested Answer

The suggested answer is B.

AppRole is a machine-oriented Vault authentication backend. It is designed for scenarios where machines or services need to authenticate with Vault, typically with specific role credentials. Okta and GitHub are human-centric authentication methods, and Transit is not an authentication backend but a secrets engine for encrypting data.

Community Votes1 vote
BSuggested
100%
Question 8 of 93

Security requirements demand that no secrets appear in the shell history. Which command does not meet this requirement?

Answer

Suggested Answer

The suggested answer is B.

The command 'vault kv put secret/password value=itsasecret' in option B does not meet the security requirement that no secrets should appear in the shell history. In this command, the secret 'itsasecret' is directly visible in the command line, which would be stored in the shell history, thereby violating the security requirement.

Question 9 of 93

You can build a high availability Vault cluster with any storage backend.

Answer

Suggested Answer

The suggested answer is B.

A high availability Vault cluster cannot be built with any storage backend. Only specific storage backends such as RAFT/Integrated Storage, Consul, DynamoDB, Etcd, and FoundationDB support high availability clustering. Therefore, the statement is false.

Community Votes2 votes
BSuggested
100%
Question 10 of 93

What command creates a secret with the key "my-password" and the value "53cr3t" at path "my-secrets" within the KV secrets engine mounted at "secret"?

Answer

Suggested Answer

The suggested answer is D.

The correct command to create a secret with a specific key and value in the KV secrets engine is 'vault kv put'. The path to the new secret is 'secret/my-secrets', and the data format must be in key=value pairs. Thus, the command should be 'vault kv put secret/my-secrets my-password=53cr3t', aligning closely with option D, given a minor syntax fix.

Community Votes5 votes
DSuggested
80%
A
20%