What is the proper command to enable the AWS secrets engine at the default path?
If Bobby is currently assigned the following policy, what additional policy can be added to ensure Bobby cannot access the data stored at secret/apps/confidential but still read all other secrets?
path " secret/apps/* " { capabilities = [ " create " , " read " , " update " , " delete " , " list " ] }
How does the Vault Secrets Operator (VSO) assist in integrating Kubernetes-based workloads with Vault?
From the unseal options listed below, select the options you can use if you ' re deploying Vault on-premises (select four).
True or False? All dynamic secrets in Vault are required to have a lease.
By default, what TCP port does Vault replication use?
Tommy has written an AWS Lambda function that will perform certain tasks for the organization when data has been uploaded to an S3 bucket. Security policies for the organization do not allow Tommy to hardcode any type of credential within the Lambda code or environment variables. However, Tommy needs to retrieve a credential from Vault to write data to an on-premises database. What auth method should Tommy use in Vault to meet the requirements while not violating security policies?
Which of the following is NOT a valid way in which a lease can be revoked in Vault?
When generating dynamic credentials, Vault also creates associated metadata, including information like time duration, renewability, and more, and links it to the credentials. What is this referred to as?
Which of the following Vault policies will allow a Vault client to read a secret stored at secrets/applications/app01/api_key?