Vault Associate 002 Exam

Exam Vault Associate 002 All QuestionsBrowse all questions from this exam

Go to Exam

Question 14

The following three policies exist in Vault What do these policies allow an organization to do? app.hcl

callcenter.hcl

rewrap.hcl

Separates permissions allowed on actions associated with the transit secret engine

Nothing, as the minimum permissions to perform useful tasks are not present

Encrypt decrypt, and rewrap data using the transit engine all in one policy

Create a transit encryption key for encrypting, decrypting, and rewrapping encrypted data

Correct Answer: A

These three policies allow the organization to separate the permissions for different actions associated with the transit secret engine. The first policy permits updating (which can include encryption) using the key, the second policy allows updating (which can include decryption) using the key, and the third policy permits reading the key details and updating for rewrapping data. Thus, these policies enable separate permissions for distinct operations within the transit secret engine.

Discussion

daz_rekkaOption: A

https://developer.hashicorp.com/vault/docs/secrets/transit