Latest HashiCorp Certified: Vault Associate (003) Exam - HCVA0-003 Free Sample Questions
A MySQL server has been deployed on Google Cloud Platform (GCP) to support a legacy application. You want to generate dynamic credentials against this MySQL server rather than use static credentials. What Vault secrets engine would you use to accomplish this?
You have a new team member on the Vault operations team. Their first task is to rotate the encryption key in Vault as part of the organization's security policy. However, when they log in, they get an access denied error when attempting to rotate the key. The policy being used is below. Why can't the user rotate the encryption key?
path "auth/*" {
  capabilities = ["create", "read", "update", "delete", "list"]
}
path "sys/rotate" {
  capabilities = ["read", "update"]
}
You are using the Vault userpass auth method mounted at auth/userpass. How do you create a new user named "sally" with password "h0wN0wB4r0wnC0w"? This new user will need the power-users policy.
Based on the screenshot below, how many auth methods have been enabled on this Vault instance?

You are deploying Vault in a local data center, but want to be sure you have a secondary Vault cluster in the event the primary cluster goes offline. In the secondary data center, you have applications that are running, as they are architected to run active/active. Which type of replication would be best in this scenario?
A new application is being provisioned in your environment. The application requires the generation of dynamic credentials against the Oracle database in order to read reporting data. Which is the best auth method to use to permit the application to authenticate to Vault?
How would you describe the value of using the Vault transit secrets engine?
Suzy is a Vault user who needs to create and replace values at the path secrets/automation/apps/chef. Does the following policy grant her the permissions to do so?
path "secrets/automation/apps/chef" {
  capabilities = ["create", "read", "list"]
}
There are three Vault policies displayed in the exhibit.
What do these policies allow the organization to do?
Exhibit:
app.hcl
path "transit/encrypt/my_app_key" { capabilities = ["update"] }
callcenter.hcl
path "transit/decrypt/my_app_key" { capabilities = ["update"] }
rewrap.hcl
path "transit/keys/my_app_key" { capabilities = ["read"] }
path "transit/rewrap/my_app_key" { capabilities = ["update"] }